CVE-2007-5961

CWE-79 — Cross-site Scripting (XSS)5 documents5 sources

Severity

4.3MEDIUM

EPSS

0.3%

top 44.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Network Satellite

Timeline

PublishedMay 23

Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDredhat/network_satellite5.0

🔴Vulnerability Details

GHSA

GHSA-m54g-mfm4-wp3f: Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5↗2022-05-01

▶

CVEList

CVE-2007-5961: Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5↗2008-05-23

▶

📋Vendor Advisories

Red Hat

RHN XSS flaw↗2008-05-20

▶

💬Community

Bugzilla

CVE-2007-5961 RHN XSS flaw↗2007-11-23

▶