| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-7812 | 3.5 |
Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.
|
13-02-2023 - 00:42 | 15-01-2015 - 15:59 | |
| CVE-2014-7811 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.
|
13-02-2023 - 00:42 | 15-01-2015 - 15:59 | |
| CVE-2011-4085 | 6.8 |
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which a
|
13-02-2023 - 00:20 | 23-11-2012 - 20:55 | |
| CVE-2017-7514 | 3.5 |
A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0. A user able to specify a failed action could exploit this flaw to perform XSS attacks against other Satellite users.
|
12-02-2023 - 23:30 | 30-07-2018 - 15:29 | |
| CVE-2011-4314 | 5.8 |
message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not verify that Attribute Exchange (AX) information is
|
15-02-2013 - 04:50 | 27-01-2012 - 15:55 |