Spacewalk-java Security Vulnerabilities and Issues — Spacewalk-java CVE List

Lucene search

RedhatSpacewalk-java

4 matches found

CVE•added 2014/02/14 3:55 p.m.•62 views

CVE-2013-4415

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3) start_hour, (4) end_am_pm, (5) end_day, (6) end_...

4.3CVSS5.7AI score0.0033EPSS

CVE•added 2014/09/22 3:55 p.m.•56 views

CVE-2014-3595

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.

4.3CVSS5.7AI score0.00302EPSS

CVE•added 2014/11/03 4:55 p.m.•53 views

CVE-2014-3654

Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/CustomSnippetList.do, (2) channels/software/Entitle...

4.3CVSS5.7AI score0.00302EPSS

CVE•added 2014/04/01 6:35 a.m.•51 views

CVE-2013-1869

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter.

4.3CVSS6AI score0.00417EPSS