Red Hat Satellite 5 is vulnerable to cross-site scripting (XSS) attacks. The list_1680466951_oldfilterval parameter is not properly sanitized, allowing a remote attacker to pass a malicious input to execute arbitrary Javascript code on the victims browser.
rhn.redhat.com/errata/RHSA-2016-0590.html
access.redhat.com/errata/RHSA-2016:0590
access.redhat.com/security/cve/CVE-2016-2103
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1181152
bugzilla.redhat.com/show_bug.cgi?id=1305681
bugzilla.redhat.com/show_bug.cgi?id=1313515
bugzilla.redhat.com/show_bug.cgi?id=1313517
bugzilla.redhat.com/show_bug.cgi?id=1320444
bugzilla.redhat.com/show_bug.cgi?id=1320452
rhn.redhat.com/errata/RHSA-2016-0590.html