Ales Dujicek of Red Hat reports: The organization name is used in a variety of web pages without being sanitized for HTML special characters, resulting in a stored cross site scripting (XSS) vulnerability.
Acknowledgments: Name: Ales Dujicek (Red Hat)
This issue has been addressed in the following products: Red Hat Satellite 5.8 Red Hat Satellite 5.8 ELS Via RHSA-2017:2645 https://access.redhat.com/errata/RHSA-2017:2645
Can this BZ be closed? The associated erratum went live on 2017-09-06
(In reply to Tomas Lestach from comment #5) > Can this BZ be closed? The associated erratum went live on 2017-09-06 This is fine to close, thanks!