REDHAT-BUG-731647
First published: Thu Aug 18 2011(Updated: )
A cross-site scripting flaw was discovered in the Lookup Login/Password form of the RHN Satellite and Spacewalk. <a href="https://rhnhost/help/forgot_password.pxt/%22onmouseover=alert%281%29%3E">https://rhnhost/help/forgot_password.pxt/%22onmouseover=alert%281%29%3E</a> Acknowledgements: Red Hat would like to thank Sylvain Maes for reporting this issue.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Satellite | ||
| Spacewalk |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-731647?
The severity of REDHAT-BUG-731647 is classified as medium due to its potential for cross-site scripting attacks.
How do I fix REDHAT-BUG-731647?
To fix REDHAT-BUG-731647, update to the latest versions of Red Hat RHN Satellite and Spacewalk that contain the security patch.
What products are affected by REDHAT-BUG-731647?
REDHAT-BUG-731647 affects Red Hat RHN Satellite and Red Hat Spacewalk.
What type of vulnerability is REDHAT-BUG-731647?
REDHAT-BUG-731647 is a cross-site scripting (XSS) vulnerability.
Is user input affected by REDHAT-BUG-731647?
Yes, user input in the Lookup Login/Password form is vulnerable in REDHAT-BUG-731647.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-3344
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat satellite
- canonical/spacewalk