CVE-2014-7812
Red Hat Satellite - Authenticated Cross-Site Scripting via System Groups Field
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0033.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62183
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00020.html
Scores
EPSS
0.0021
EPSS Percentile
43.1%
Details
CWE
CWE-79
Status
published
Products (3)
redhat/satellite
5.6
redhat/spacewalk
suse/manager
1.7
Published
Jan 15, 2015
Tracked Since
Feb 18, 2026