Back to bug 1322747
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-03-31 09:07:51 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-31 09:07:51 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-03-31 09:09:03 UTC | Blocks | 1322748 | |
| Adam Mariš | 2016-03-31 09:09:46 UTC | Depends On | 1322710 | |
| Kurt Seifried | 2016-03-31 18:51:36 UTC | Summary | EMBARGOED spacewalk-java: Group name is not properly escaped allowing XSS | EMBARGOED spacewalk-java: Multiple XSS flaws |
| Kurt Seifried | 2016-03-31 18:54:58 UTC | Alias | CVE-2016-3097 | |
| Kurt Seifried | 2016-03-31 18:55:01 UTC | Summary | EMBARGOED spacewalk-java: Multiple XSS flaws | EMBARGOED CVE-2016-3097 spacewalk-java: Multiple XSS flaws |
| Kurt Seifried | 2016-03-31 18:55:03 UTC | Whiteboard | impact=moderate,public=no,reported=20160331,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5/spacewalk-java=affected | impact=moderate,public=20160331,reported=20160331,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5/spacewalk-java=affected |
| Kurt Seifried | 2016-03-31 18:55:05 UTC | Summary | EMBARGOED CVE-2016-3097 spacewalk-java: Multiple XSS flaws | CVE-2016-3097 spacewalk-java: Multiple XSS flaws |
| Kurt Seifried | 2016-03-31 18:55:07 UTC | Group | security, qe_staff | |
| Kurt Seifried | 2016-04-04 17:24:26 UTC | CC | meissner, thomas | |
| Kurt Seifried | 2016-06-18 00:47:53 UTC | Doc Text | A stored cross-site scripting (XSS) flaw was found in the way spacewalk-java displayed group names. An attacker can embed HTML and Javascript in the values for group names in Satellite, allowing them to inject malicious content into the web page that is then displayed when viewing the snapshot data. | |
| Kurt Seifried | 2016-07-14 19:25:38 UTC | Whiteboard | impact=moderate,public=20160331,reported=20160331,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-79,rhn_satellite_5/spacewalk-java=affected | impact=moderate,public=20160331,reported=20160331,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-79,rhn_satellite_5/spacewalk-java=affected |
| Tomas Hoger | 2016-07-26 09:27:01 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-07-26 05:27:01 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:46:44 UTC | Whiteboard | impact=moderate,public=20160331,reported=20160331,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,cwe=CWE-79,rhn_satellite_5/spacewalk-java=affected |
Back to bug 1322747