PT-2014-2131 · Red Hat · Spacewalk

Published: 2014-02-05 · Updated: 2023-02-13 · CVE-2011-2920

CVSS v3.1: 5.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Spacewalk version 1.6

Description: The issue allows remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms, potentially leading to cross-site scripting (XSS) attacks.

Recommendations: For Spacewalk version 1.6, consider restricting access to the "Filter by Synopsis" field and other vulnerable filter forms until a patch is available. As a temporary workaround, avoid using the vulnerable filter forms to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2011-2920
RHSA-2011:1299

Affected Products

Spacewalk