XSS in Novell Suse_linux
CVE-2012-0414
Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.005 (67.0th percentile) — read the EPSS interpretation.
Affected products
- Novell Suse_linux — versions 11
- Novell Suse_manager — versions 1.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)