Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
This issue has been addressed in the following products:
Red Hat Satellite 6.11 for RHEL 7
Red Hat Satellite 6.11 for RHEL 8
Via RHSA-2022:5498 https://access.redhat.com/errata/RHSA-2022:5498
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):