CVE-2011-2927: XSS
First published: Tue Aug 16 2011(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Satellite | ||
| Red Hat Spacewalk | =1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-2927?
CVE-2011-2927 is rated as a medium severity vulnerability due to its potential for exploitation via cross-site scripting.
How do I fix CVE-2011-2927?
To fix CVE-2011-2927, update to the latest version of Red Hat Spacewalk or Red Hat Satellite that addresses this vulnerability.
What types of attacks are possible due to CVE-2011-2927?
CVE-2011-2927 allows attackers to perform cross-site scripting attacks, potentially leading to session hijacking or data theft.
Which versions of Red Hat Spacewalk are affected by CVE-2011-2927?
CVE-2011-2927 specifically affects Red Hat Spacewalk version 1.6.
Can CVE-2011-2927 be exploited remotely?
Yes, CVE-2011-2927 can be exploited remotely, allowing attackers to inject arbitrary scripts or HTML into web pages.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-2927
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/remedy
- agent/description
- agent/event
- agent/trending
- agent/weakness
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/redhat
- canonical/red hat satellite
- canonical/red hat spacewalk
- version/red hat spacewalk/1.6