Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page.
References
Link | Resource |
---|---|
http://www.redhat.com/support/errata/RHSA-2011-1299.html | Patch Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=713478 | Vendor Advisory |
https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 04:32
Type | Values Removed | Values Added |
---|---|---|
Summary | Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page. | |
References |
|
02 Feb 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2011-2919 RHN Satellite / Spacewalk: XSS on SystemGroupList.do page | |
References |
|
Information
Published : 2014-02-05 18:55
Updated : 2023-12-10 11:31
NVD link : CVE-2011-2919
Mitre link : CVE-2011-2919
CVE.ORG link : CVE-2011-2919
JSON object : View
Products Affected
redhat
- spacewalk
- network_satellite
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')