CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-0183

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile35.87th
Published2020年1月2日
Last Modified2024年11月21日

Vulnerability Description

Versions of Katello as shipped with Red Hat Subscription Asset Manager 1.4 are vulnerable to a XSS via HTML in the systems name when registering.

Affected Platforms (CPE)

📦
Redhat

Subscription Asset Manager

= 1.4.0

References & Advisories

🔗 https://access.redhat.com/security/cve/cve-2014-0183
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0183
🔗 https://access.redhat.com/security/cve/cve-2014-0183
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0183

相关漏洞威胁

CVE-2015-75019.8

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterp...

CVE-2013-64399.3

Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does...

CVE-2013-18234.3

Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remot...

CVE-2012-61192.1

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, ...