Cross-Site Scripting Vulnerability in Crowbar by SUSE
CVE-2012-3551

Currently unrated

Key Information:

Vendor

Dell
Status
Crowbar
Vendor
CVE Published:
5 September 2012

What is CVE-2012-3551?

An XSS vulnerability exists in the Crowbar framework, specifically within the support index view. This flaw permits remote attackers to inject arbitrary HTML or web scripts via a manipulated file parameter sent to the /utils endpoint. If exploited, this could lead to unauthorized actions on behalf of the user or access to sensitive information. The vulnerability affects versions of Crowbar up to and including 1.4, necessitating prompt action to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2012/08/31/1
mailing-listx_refsource_MLIST
https://bugzilla.novell.com/show_bug.cgi?id=771840
x_refsource_MISC
https://github.com/SUSE-Cloud/barclamp-crowbar/commit/a82...
x_refsource_MISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.