VYPR
Low severity3.5NVD Advisory· Published Nov 28, 2024· Updated Jun 17, 2026

CVE-2024-49502

CVE-2024-49502

Description

A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1: before 5.0.15-150600.3.10.2; SUSE Manager Server Module 4.3: before 4.3.42-150400.3.52.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

36

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.