Arbitrary Script Injection in Red Hat Network (RHN) Satellite 5.4.1 Custom Info Page

Arbitrary Script Injection in Red Hat Network (RHN) Satellite 5.4.1 Custom Info Page

CVE-2011-4346 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field of the asset tag in a Custom Info page.

Learn more about our Web App Pen Testing.