Back to bug 1305677
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2016-02-08 21:35:10 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-02-08 21:35:10 UTC | Doc Type | --- | Bug Fix |
| Kurt Seifried | 2016-02-08 21:36:08 UTC | Summary | EMBARGOED Satellite 5: multiple XSS | EMBARGOED Satellite 5: multiple XSS vulnerabilities |
| Kurt Seifried | 2016-02-08 21:45:23 UTC | Blocks | 1305684 | |
| Tomáš Kašpárek | 2016-02-11 14:28:43 UTC | CC | ggainey | |
| Kurt Seifried | 2016-02-23 20:02:37 UTC | Alias | CVE-2016-2104 | |
| Kurt Seifried | 2016-02-23 20:02:40 UTC | Summary | EMBARGOED Satellite 5: multiple XSS vulnerabilities | EMBARGOED CVE-2016-2104 Satellite 5: multiple XSS vulnerabilities |
| Kurt Seifried | 2016-02-24 16:46:02 UTC | Whiteboard | impact=moderate,public=no,reported=20160204,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5.7/Security=affected | impact=moderate,public=20160224,reported=20160204,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5.7/Security=affected |
| Kurt Seifried | 2016-02-24 16:46:05 UTC | Summary | EMBARGOED CVE-2016-2104 Satellite 5: multiple XSS vulnerabilities | CVE-2016-2104 Satellite 5: multiple XSS vulnerabilities |
| Kurt Seifried | 2016-02-24 16:46:07 UTC | Group | security, qe_staff | |
| Grant Gainey | 2016-03-01 18:22:50 UTC | Depends On | 1313515 | |
| Martin Prpič | 2016-03-02 08:24:49 UTC | Whiteboard | impact=moderate,public=20160224,reported=20160204,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5.7/Security=affected | impact=moderate,public=20160224,reported=20160204,source=customer,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5.7/Security=affected |
| Kurt Seifried | 2016-03-17 04:01:21 UTC | Doc Text | A cross-site scripting (XSS) flaw was found in the way HTTP GET parameter data was handled. A user able to provide malicious links to a Satellite user could use this flaw to perform XSS attacks against other Satellite users. | |
| Kurt Seifried | 2016-03-17 04:02:14 UTC | Doc Text | A cross-site scripting (XSS) flaw was found in the way HTTP GET parameter data was handled. A user able to provide malicious links to a Satellite user could use this flaw to perform XSS attacks against other Satellite users. | Multiple cross-site scripting (XSS) flaws were found in the way HTTP GET parameter data was handled. A user able to provide malicious links to a Satellite user could use this flaw to perform XSS attacks against other Satellite users. |
| Martin Prpič | 2016-03-17 14:16:16 UTC | Doc Text | Multiple cross-site scripting (XSS) flaws were found in the way HTTP GET parameter data was handled. A user able to provide malicious links to a Satellite user could use this flaw to perform XSS attacks against other Satellite users. | Multiple cross-site scripting (XSS) flaws were found in the way HTTP GET parameter data was handled in Red Hat Satellite. A user able to provide malicious links to a Satellite user could use these flaws to perform XSS attacks against other Satellite users. |
| Kurt Seifried | 2016-03-22 16:22:07 UTC | Summary | CVE-2016-2104 Satellite 5: multiple XSS vulnerabilities | CVE-2016-2104 Satellite 5: stored and reflected XSS vulnerabilities |
| Kurt Seifried | 2016-04-04 17:02:38 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-04-04 13:02:38 UTC | |||
| Kurt Seifried | 2016-04-04 17:06:22 UTC | CC | meissner, thomas | |
| Product Security DevOps Team | 2019-09-29 13:44:17 UTC | Whiteboard | impact=moderate,public=20160224,reported=20160204,source=customer,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5.7/Security=affected |
Back to bug 1305677