CVE-2017-7538
CVE-2017-7538 is an XSS flaw in how Satellite/Spacewalk displays an organization name (before version 5.8). Exploitation requires changing an organization name, enabling XSS against other Satellite users. Public-facing sources in connected docs include RHSA-2017:2645 and SUSE/SUSE-SU-2017:2453-1 ...