Lucene search
K

9 matches found

NVD
NVD
added 2024/11/28 10:15 a.m.13 views

CVE-2024-49503

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SUSE manager allows attackers to execute Javascript code in the organization credentials sub page. This issue affects Container suse/manager/5.0/x8664/server:5.0.2.7.8.1: before...

4.6CVSS0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/28 9:26 a.m.13 views

CVE-2024-49502 Reflected XSS in Setup Wizard, HTTP Proxy credentials pane in spacewalk-web

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container...

4.6CVSS6.8AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/28 9:26 a.m.16 views

CVE-2024-49502 Reflected XSS in Setup Wizard, HTTP Proxy credentials pane in spacewalk-web

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container...

4.6CVSS0.00271EPSS
Exploits0References1
CVE
CVE
added 2024/11/28 9:26 a.m.47 views

CVE-2024-49502

CVE-2024-49502 is a cross-site scripting vulnerability in the Setup Wizard, HTTP Proxy credentials pane of spacewalk-web. It affects SUSE Manager Server 4.3 (and related Spacewalk components) prior to versions updated by SUSE-SU-2024:4007-1, specifically before 4.3.42-150400.3.52.1 for the 4.3 li...

4.6CVSS4AI score0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/28 9:20 a.m.11 views

CVE-2024-49503 Reflected XSS in Setup Wizard, Organization Credentials in spacewalk-web

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SUSE manager allows attackers to execute Javascript code in the organization credentials sub page. This issue affects Container suse/manager/5.0/x8664/server:5.0.2.7.8.1: before...

4.6CVSS7.5AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/28 9:20 a.m.17 views

CVE-2024-49503 Reflected XSS in Setup Wizard, Organization Credentials in spacewalk-web

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SUSE manager allows attackers to execute Javascript code in the organization credentials sub page. This issue affects Container suse/manager/5.0/x8664/server:5.0.2.7.8.1: before...

4.6CVSS0.00271EPSS
Exploits0References1
CVE
CVE
added 2024/11/28 9:20 a.m.52 views

CVE-2024-49503

CVE-2024-49503 is a cross-site scripting (XSS) vulnerability due to improper input neutralization in the SUSE Manager web UI, specifically the Organization Credentials sub page. Affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1 before 5.0.15-150600.3.10.2 and SUSE Manager Server Module...

4.6CVSS4.4AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2023/09/20 9:15 a.m.30 views

CVE-2023-22644

A user can reverse engineer the JWT token JSON Web Token used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE...

9.4CVSS4.5AI score0.00452EPSS
Exploits0References3
Prion
Prion
added 2023/09/20 9:15 a.m.24 views

Code injection

An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged. This issue affects SUSE Manager Server Module 4.2: before 4.2.50-150300.3.66.5;...

1.7CVSS5.3AI score0.00452EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder