Redhat

Spacewalk-java

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2016-3079

  • EPSS 0.43%
  • Published 14.04.2016 14:59:08
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to systems/SystemEntitlements.do; (2) the label parameter to ...

5.4

CVE-2015-0284

  • EPSS 0.41%
  • Published 14.04.2016 14:59:00
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in spacewalk-java in Spacewalk and Red Hat Satellite 5.7 allows remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the XMLRPC API, involving user details. NOTE: this vul...

4.3

CVE-2014-3654

  • EPSS 0.3%
  • Published 03.11.2014 16:55:03
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/Cu...

4.3

CVE-2014-3595

  • EPSS 0.3%
  • Published 22.09.2014 15:55:07
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not pro...

6

CVE-2010-2236

Exploit
  • EPSS 2.06%
  • Published 15.04.2014 23:55:07
  • Last modified 12.04.2025 10:46:40

The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to ex...

4.3

CVE-2013-1869

  • EPSS 0.42%
  • Published 01.04.2014 06:35:52
  • Last modified 12.04.2025 10:46:40

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via ...

4.3

CVE-2013-4415

  • EPSS 0.33%
  • Published 14.02.2014 15:55:05
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3)...

3.5

CVE-2012-6149

Exploit
  • EPSS 0.25%
  • Published 14.02.2014 15:55:04
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a s...

6.8

CVE-2009-4139

  • EPSS 0.17%
  • Published 27.07.2011 02:55:01
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack...