CVE-2014-3595
published 2014-09-22CVE-2014-3595: Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows…
medium4.3CVSS 3.1
AVNACMAuNCNIPAN
Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | satellite | — | — |
| redhat | satellite | — | — |
| redhat | satellite | — | — |
| redhat | satellite_with_embedded_oracle | — | — |
| redhat | satellite_with_embedded_oracle | — | — |
| redhat | spacewalk-java | — | — |
| redhat | spacewalk-java | — | — |
| redhat | spacewalk-java | — | — |
| suse | manager | — | — |