Bug 1315398 (CVE-2016-2144) - Sat5: XSS in uset details
Summary: Sat5: XSS in uset details
Keywords:
Status: CLOSED DUPLICATE of bug 1181472
Alias: CVE-2016-2144
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1181152
Blocks: 1305684
TreeView+ depends on / blocked
 
Reported: 2016-03-07 16:11 UTC by Kurt Seifried
Modified: 2021-02-17 04:13 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-03-08 16:34:09 UTC
Embargoed:


Attachments (Terms of Use)

Description Kurt Seifried 2016-03-07 16:11:11 UTC
Jan Hutař of Red Hat reports a XSS vulnerability in the handling of the users first and last name within the Web UI.

External reference:
spacewalk git dd418384171473c3e31386a1b4792f8c555dc744
spacewalk git f3792c79c1c251a49cc4e382be8591636326a794

Comment 1 Kurt Seifried 2016-03-07 16:11:21 UTC
Acknowledgments:

Name: Jan Hutař (Red Hat)

Comment 2 Kurt Seifried 2016-03-08 16:34:09 UTC

*** This bug has been marked as a duplicate of bug 1181472 ***

Comment 3 Adam Mariš 2016-03-09 15:47:20 UTC
CVE-2016-2144 was rejected. Reason: Duplicate of CVE-2015-0284


Note You need to log in before you can comment on or make changes to this bug.