Unrated severityNVD Advisory· Published Feb 14, 2014· Updated Jun 16, 2026
CVE-2012-6149
CVE-2012-6149
Description
Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- cpe:2.3:a:redhat:satellite_5_managed_db:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:spacewalk-java:2.0.2-57:*:*:*:*:*:*:*
- Range: = 5.6
Patches
Vulnerability mechanics
References
6- git.fedorahosted.org/cgit/spacewalk.git/commit/nvdPatchThird Party Advisory
- git.fedorahosted.org/cgit/spacewalk.git/commit/nvdExploitPatch
- rhn.redhat.com/errata/RHSA-2014-0148.htmlnvdVendor Advisory
- secunia.com/advisories/56952nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
- www.suse.com/support/update/announcement/2014/suse-su-20140222-1.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.