Medium severity6.1NVD Advisory· Published Apr 14, 2016· Updated Jun 17, 2026
CVE-2016-3079
CVE-2016-3079
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to systems/SystemEntitlements.do; (2) the label parameter to admin/multiorg/EntitlementDetails.do; or the name of a (3) snapshot tag or (4) system group in System Set Manager (SSM).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16- cpe:2.3:a:redhat:spacewalk-java:-:*:*:*:*:*:*:*
- osv-coords12 versionspkg:rpm/suse/cobbler&distro=SUSE%20Manager%202.1pkg:rpm/suse/osad&distro=SUSE%20Manager%202.1pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-branding&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%202.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%202.1pkg:rpm/suse/susemanager-tftpsync&distro=SUSE%20Manager%202.1pkg:rpm/suse/suseRegisterInfo&distro=SUSE%20Manager%202.1
< 2.2.2-0.61.2+ 11 more
- (no CPE)range: < 2.2.2-0.61.2
- (no CPE)range: < 5.11.33.11-15.2
- (no CPE)range: < 2.5.69.8-11.2
- (no CPE)range: < 2.1.55.25-24.5
- (no CPE)range: < 2.1.33.16-18.2
- (no CPE)range: < 2.1.6.10-18.3
- (no CPE)range: < 2.1.165.23-20.1
- (no CPE)range: < 2.1.27.15-12.7
- (no CPE)range: < 2.1.24-23.1
- (no CPE)range: < 2.1.15-30.2
- (no CPE)range: < 2.1.2-11.2
- (no CPE)range: < 2.1.12-14.2
Patches
Vulnerability mechanics
References
8- rhn.redhat.com/errata/RHSA-2016-0590.htmlnvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- github.com/spacewalkproject/spacewalk/commit/7920542fnvd
- github.com/spacewalkproject/spacewalk/commit/7b9ff9adnvd
- github.com/spacewalkproject/spacewalk/commit/982b11c9nvd
- github.com/spacewalkproject/spacewalk/commit/b6491ebanvd
News mentions
0No linked articles in our index yet.