NVD

Id
85287  
Name
CVE-2016-2104  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-04-27  
Published
2017-04-13  
Modified Date
2017-04-19  
Seq
2016-2104  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
415904 85287 CVE-2016-9123 http://www.openwall.com/lists/oss-security/2016/11/03/1  View
415905 85287 CVE-2016-9123 https://github.com/square/go-jose/commit/789a4c4bd4c118f7564954f441b29c153ccd6a96  View
415906 85287 CVE-2016-9123 https://hackerone.com/reports/165170  View
415907 85287 CVE-2016-9123 http://www.openwall.com/lists/oss-security/2016/11/03/1  View
415908 85287 CVE-2016-9123 https://github.com/square/go-jose/commit/789a4c4bd4c118f7564954f441b29c153ccd6a96  View
415909 85287 CVE-2016-9123 https://hackerone.com/reports/165170  View

Related JVN