2 matches found
CVE-2011-2652
Cross-site scripting XSS vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file...
CVE-2011-2652
CVE-2011-2652 affects Kiwi prior to 3.74.2, including deployments in SUSE Studio 1.1 before 1.1.4. The vulnerability arises from a cross-site scripting flaw in the overlay file workflow triggered by a crafted archive file list, enabling remote attackers to inject arbitrary scripts/HTML. Impact is...