Red Hat Bugzilla – Bug 1314906
(CVE-2015-0284) Red Hat Satellite: stored XSS in user details fields (incomplete fix for CVE-2014-7811)
Last modified: 2016-03-08 11:34:27 EST
Jan Hutař reports:
There is stored XSS vulnerability in user details field in Satellite server, they can be exploited by using the REST API to send XML data containing malformed data.
*** This bug has been marked as a duplicate of bug 1181152 ***