Medium severity5.4NVD Advisory· Published Feb 5, 2014· Updated Apr 29, 2026

CVE-2011-2927

Description

A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attackers to potentially steal sensitive information or perform actions on behalf of the victim.

Affected products

Red Hat/Network Satellite
cpe:2.3:a:redhat:network_satellite:-:*:*:*:*:*:*:*
Red Hat/Spacewalk
cpe:2.3:a:redhat:spacewalk:1.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.redhat.com/support/errata/RHSA-2011-1299.htmlnvdPatchVendor Advisory
bugzilla.redhat.com/show_bug.cginvdVendor Advisory
www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.htmlnvdVendor Advisory
access.redhat.com/security/cve/CVE-2011-2927nvd

News mentions

No linked articles in our index yet.

cvss	0.351
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000