Redhat

Spacewalk-java

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2016-3079

  • EPSS 0.43%
  • Veröffentlicht 14.04.2016 14:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to systems/SystemEntitlements.do; (2) the label parameter to ...

5.4

CVE-2015-0284

  • EPSS 0.27%
  • Veröffentlicht 14.04.2016 14:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in spacewalk-java in Spacewalk and Red Hat Satellite 5.7 allows remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the XMLRPC API, involving user details. NOTE: this vul...

4.3

CVE-2014-3654

  • EPSS 0.3%
  • Veröffentlicht 03.11.2014 16:55:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/Cu...

4.3

CVE-2014-3595

  • EPSS 0.3%
  • Veröffentlicht 22.09.2014 15:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not pro...

6

CVE-2010-2236

Exploit
  • EPSS 2.06%
  • Veröffentlicht 15.04.2014 23:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to ex...

4.3

CVE-2013-1869

  • EPSS 0.42%
  • Veröffentlicht 01.04.2014 06:35:52
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via ...

4.3

CVE-2013-4415

  • EPSS 0.33%
  • Veröffentlicht 14.02.2014 15:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3)...

3.5

CVE-2012-6149

Exploit
  • EPSS 0.25%
  • Veröffentlicht 14.02.2014 15:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a s...

6.8

CVE-2009-4139

  • EPSS 0.1%
  • Veröffentlicht 27.07.2011 02:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

A flaw was found in Spacewalk Java site packages. This cross-site request forgery (CSRF) vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts,...