CVE-2017-7538 in Satelliteinfo

Summary

A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization s name could exploit this flaw to perform XSS attacks against other Satellite users.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Red Hat, Inc.

Reservation

04/05/2017

Disclosure

07/26/2018

CPE

ready

CVSS

4.4

EPSS

0.00278

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2017-7538
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2017-7538
CVE Detailshttps://www.cvedetails.com/cve/CVE-2017-7538/

PreviousOverviewNext