restws is vulnerable to cross-site scripting. A remotely authenticated user is able inject and execute arbitary Javascript in another user’s browser.
www.openwall.com/lists/oss-security/2013/08/10/1
www.openwall.com/lists/oss-security/2013/08/10/1
access.redhat.com/documentation/en-US/Red_Hat_Satellite/
access.redhat.com/errata/RHEA-2014:1175
access.redhat.com/security/cve/CVE-2013-4225
access.redhat.com/site/documentation/
bugzilla.redhat.com/show_bug.cgi?id=997639
drupal.org/node/2059591
drupal.org/node/2059591
drupal.org/node/2059593
drupal.org/node/2059593
drupal.org/node/2059603
drupal.org/node/2059603