CVE-2011-4346Cross-site Scripting in Redhat Satellite

CWE-79Cross-site Scripting5 documents5 sources
Severity
3.5LOWNVD
EPSS
0.3%
top 48.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Satellite
Timeline
PublishedDec 10
Latest updateMay 13

Description

Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field of the asset tag in a Custom Info page.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDredhat/satellite5.4.1

Patches

Patch: www.redhat.comPatch: www.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-cx23-4vj7-xjv6: Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 52022-05-13
CVEList
CVE-2011-4346: Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 52011-12-10

📋Vendor Advisories

1
Red Hat
CVE-2011-4346: Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 52011-12-10

💬Community

1
Bugzilla
CVE-2011-4346 satellite: XSS flaw in custom system information key handling2011-09-28
CVE-2011-4346 — Cross-site Scripting in Redhat | cvebase