Medium severity6.1NVD Advisory· Published Apr 13, 2017· Updated Jun 17, 2026
CVE-2016-2104
CVE-2016-2104
Description
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- osv-coords12 versionspkg:rpm/suse/cobbler&distro=SUSE%20Manager%202.1pkg:rpm/suse/osad&distro=SUSE%20Manager%202.1pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-branding&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager-tftpsync&distro=SUSE%20Manager%202.1pkg:rpm/suse/suseRegisterInfo&distro=SUSE%20Manager%202.1
< 2.2.2-0.61.2+ 11 more
- (no CPE)range: < 2.2.2-0.61.2
- (no CPE)range: < 5.11.33.11-15.2
- (no CPE)range: < 2.5.69.8-11.2
- (no CPE)range: < 2.1.55.25-24.5
- (no CPE)range: < 2.1.33.16-18.2
- (no CPE)range: < 2.1.6.10-18.3
- (no CPE)range: < 2.1.165.23-20.1
- (no CPE)range: < 2.1.27.15-12.7
- (no CPE)range: < 2.1.24-23.1
- (no CPE)range: < 2.1.15-30.2
- (no CPE)range: < 2.1.2-11.2
- (no CPE)range: < 2.1.12-14.2
Patches
Vulnerability mechanics
References
3- rhn.redhat.com/errata/RHSA-2016-0590.htmlnvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.