Primary

Context

SUSE Spacewalk Java Basic Cross-Site Scripting Vulnerability

Vulnerability

Patched

A basic cross-site scripting (XSS) vulnerability has been identified in SUSE Spacewalk Java, specifically in the Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1, prior to 5.0.24-150600.3.25.1, and in SUSE Manager Server Module 4.3, prior to 4.3.85-150400.3.105.3. This vulnerability allows the execution of arbitrary JavaScript code on users' machines due to improper neutralization of script-related HTML tags in a web page.

Impact

Exploitation of this vulnerability allows for basic cross-site scripting, where an attacker can execute arbitrary JavaScript in the context of the user's browser.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

1.0

exploitability

4.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

1.0

exploitability

4.5

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SUSE Spacewalk Java Basic Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

SUSE Manager Server Module

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating