Satellite: stored XSS in user details fields (incomplete fix for CVE-2014-7811)
A cross-site scripting XSS flaw was found in how XML data was handled in Red Hat Satellite. A user able to use the XMLRPC API could exploit this flaw to perform XSS attacks against other Satellite users...