XSS Vulnerability in Satellite 5 from Red Hat
CVE-2017-7538
3.5LOW
Summary
An XSS flaw exists in Satellite 5 that allows an attacker to exploit the system by altering an organization's name. Users with the ability to modify these names can potentially inject malicious scripts, posing a threat to other Satellite users by executing unintended actions in their browsers. This vulnerability underscores the importance of implementing proper input validation and user input handling to mitigate risks associated with XSS attacks.
Affected Version(s)
Satellite 5.8
References
CVSS V3.1
Score:
3.5
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved