PT-2011-3993 · Suse · Kiwi+1
Publicado
2011-08-23
·
Atualizado
2017-08-29
·
CVE-2011-2644
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Kiwi versions prior to 3.74.2
SUSE Studio versions prior to 1.1.4
Description
The issue is related to a cross-site scripting (XSS) vulnerability, which allows remote attackers to inject arbitrary web script or HTML. This is due to an unspecified vector related to an RPM info display.
Recommendations
For Kiwi versions prior to 3.74.2, update to version 3.74.2 or later.
For SUSE Studio versions prior to 1.1.4, update to version 1.1.4 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Kiwi
Suse Studio