CyberSec.Space Logo
Back to CVE Browser

CVE-2014-0183

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile35.87th
PublishedJan 2, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Versions of Katello as shipped with Red Hat Subscription Asset Manager 1.4 are vulnerable to a XSS via HTML in the systems name when registering.

Affected Platforms (CPE)

πŸ“¦
Redhat

Subscription Asset Manager

= 1.4.0

References & Advisories

πŸ”— https://access.redhat.com/security/cve/cve-2014-0183
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0183
πŸ”— https://access.redhat.com/security/cve/cve-2014-0183
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0183

Related Vulnerabilities

CVE-2015-75019.8

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterp...

CVE-2013-64399.3

Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does...

CVE-2013-18234.3

Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remot...

CVE-2012-61192.1

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, ...