Lucene search
+L
RedhatSpacewalk-java

4 matches found

CVE
CVE
added 2014/02/14 3:0 p.m.83 views

CVE-2013-4415

CVE-2013-4415 affects Red Hat Satellite/Spacewalk (Spacewalk 5.6 and RHN Satellite). The connected sources describe multiple cross-site scripting (XSS) vulnerabilities in the Red Hat Satellite web interface, enabling remote attackers to inject arbitrary web script or HTML via numerous parameters ...

4.3CVSS5.7AI score0.01732EPSS
CVE
CVE
added 2014/09/22 3:0 p.m.75 views

CVE-2014-3595

CVE-2014-3595 affects spacewalk-java components (versions 1.2.39, 1.7.54, 2.0.2) used by Spacewalk/RHN Satellite 5.4–5.6. Root cause: a stored XSS flaw where a crafted request, not properly sanitized during logging, allows injection of arbitrary HTML/JS into the log view page. Impact: remote atta...

4.3CVSS5.7AI score0.01759EPSS
CVE
CVE
added 2014/04/01 1:0 a.m.73 views

CVE-2013-1869

CVE-2013-1869 affects spacewalk-java before 2.1.148-1 and Red Hat Network Satellite 5.6, allowing remote header injection via the return_url parameter that can enable HTTP response splitting and XSS. Responsible updates are in RHSA-2014:0148 (spacewalk-java, spacewalk-web, satellite-branding); ap...

4.3CVSS6AI score0.0185EPSS
CVE
CVE
added 2014/11/03 4:0 p.m.72 views

CVE-2014-3654

CVE-2014-3654 affects spacewalk-java 2.0.2 used in Spacewalk and RHN Satellite (Spacewalk 2.x). The issue is stored XSS via multiple endpoints: kickstart/cobbler/CustomSnippetList.do, channels/software/Entitlements.do, and admin/multiorg/OrgUsers.do. Affected products report XSS in spacewalk-java...

4.3CVSS5.7AI score0.01759EPSS