A cross-site scripting flaw was discovered in the Lookup Login/Password form of the RHN Satellite and Spacewalk.
Red Hat would like to thank Sylvain Maes for reporting this issue.
This issue has been given the name CVE-2011-3344.
This issue has been addressed in following products:
Red Hat Network Satellite Server v 5.4
Via RHSA-2011:1299 https://rhn.redhat.com/errata/RHSA-2011-1299.html
Fixed in Spacewalk master, commit 890781d7ec983e32fe83af2f7c033d087292851f,
tagged as spacewalk-web-1.6.21-1.