5 matches found
Cross-site Scripting (XSS)
spacewalk-java is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as spacewalk-java in Spacewalk and Red Hat Satellite 5.7 allows remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the XMLRPC API, involving user details. NOTE: this...
Cross site scripting
Cross-site scripting XSS vulnerability in spacewalk-java in Spacewalk and Red Hat Satellite 5.7 allows remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the XMLRPC API, involving user details. NOTE: this vulnerability exists because of an incomplete fix for...
CVE-2014-7811
CVE-2014-7811: Spacewalk and RHN Satellite before 5.7.0 are affected by cross-site scripting via crafted XML data in the REST API. Remote authenticated users can inject arbitrary scripts/HTML. Remediation: upgrade to Spacewalk/RHN Satellite 5.7.0 (per RHSA-2015:0033) or apply related patches. Not...
RHEL 6 : Red Hat Satellite 5.7.0 General Availability (Moderate) (RHSA-2015:0033)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0033 advisory. Red Hat Satellite provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment...
Moderate: Red Hat Security Advisory: Red Hat Satellite 5.7.0 General Availability
Red Hat Satellite 5.7.0 is now available. Updated packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Satellite 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVS...