Medium severity5.4NVD Advisory· Published Apr 14, 2016· Updated Jun 17, 2026
CVE-2015-0284
CVE-2015-0284
Description
Cross-site scripting (XSS) vulnerability in spacewalk-java in Spacewalk and Red Hat Satellite 5.7 allows remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the XMLRPC API, involving user details. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-7811.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16- cpe:2.3:a:redhat:spacewalk-java:-:*:*:*:*:*:*:*
- Range: 5.7
- osv-coords12 versionspkg:rpm/suse/cobbler&distro=SUSE%20Manager%202.1pkg:rpm/suse/osad&distro=SUSE%20Manager%202.1pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-branding&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager-tftpsync&distro=SUSE%20Manager%202.1pkg:rpm/suse/suseRegisterInfo&distro=SUSE%20Manager%202.1
< 2.2.2-0.61.2+ 11 more
- (no CPE)range: < 2.2.2-0.61.2
- (no CPE)range: < 5.11.33.11-15.2
- (no CPE)range: < 2.5.69.8-11.2
- (no CPE)range: < 2.1.55.25-24.5
- (no CPE)range: < 2.1.33.16-18.2
- (no CPE)range: < 2.1.6.10-18.3
- (no CPE)range: < 2.1.165.23-20.1
- (no CPE)range: < 2.1.27.15-12.7
- (no CPE)range: < 2.1.24-23.1
- (no CPE)range: < 2.1.15-30.2
- (no CPE)range: < 2.1.2-11.2
- (no CPE)range: < 2.1.12-14.2
Patches
Vulnerability mechanics
References
7- rhn.redhat.com/errata/RHSA-2016-0590.htmlnvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- github.com/spacewalkproject/spacewalk/commit/dd418384171473c3e31386a1b4792f8c555dc744nvd
- github.com/spacewalkproject/spacewalk/commit/f3792c79c1c251a49cc4e382be8591636326a794nvd
News mentions
0No linked articles in our index yet.