CVE-2011-2920: XSS
First published: Mon Feb 28 2011(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Satellite | ||
| Red Hat Spacewalk | =1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-2920?
CVE-2011-2920 is classified as a moderate severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2011-2920?
To fix CVE-2011-2920, upgrade to a patched version of Red Hat Satellite or Spacewalk that addresses the cross-site scripting vulnerabilities.
Which software is affected by CVE-2011-2920?
CVE-2011-2920 affects Red Hat Satellite and Red Hat Spacewalk version 1.6.
Can CVE-2011-2920 be exploited remotely?
Yes, CVE-2011-2920 can be exploited remotely by attackers to inject arbitrary web scripts or HTML.
What are the symptoms of CVE-2011-2920 exploitation?
Exploitation of CVE-2011-2920 may manifest as unexpected behavior on the web interface or unauthorized manipulation of content displayed to users.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-2920
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/remedy
- agent/description
- agent/event
- agent/trending
- agent/weakness
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/redhat
- canonical/red hat satellite
- canonical/red hat spacewalk
- version/red hat spacewalk/1.6