CVE-2016-3080

MEDIUM

Redhat Satellite - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via the (1) RHNMD User or (2) Filesystem parameters, related to display of monitoring probes.

References (2)

Scores

CVSS v3 6.1
EPSS 0.0019
EPSS Percentile 41.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE
CWE-79
Status draft

Affected Products (1)

redhat/satellite

Timeline

Published Aug 05, 2016
Tracked Since Feb 18, 2026