XSS in Suse Studio_extension_for_system_z
CVE-2011-4193
Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted a…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (49.9th percentile) — read the EPSS interpretation.
Affected products
- Suse Studio_extension_for_system_z — versions 1.2
- Suse Studio_onsite — versions 1.2
- N/a — versions n/a
Weakness classification (CWE)
References
- SUSE-SU-2011:1324 (vendor-advisory, x_refsource_SUSE, Vendor Advisory)