CVE-2007-5961
Summary
| CVE | CVE-2007-5961 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-05-23 15:32:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
PartialAvailability
NoneAV:N/AC:M/Au:N/C:N/I:P/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Network Satellite | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 396641 – (CVE-2007-5961) CVE-2007-5961 RHN XSS flaw | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | |
| rhn.redhat.com | Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| osvdb.org/45765 | af854a3a-2127-422b-91ae-364da2661108 | osvdb.org | |
| SecurityTracker.com Archives - Red Hat Network Satellite Server Input Validation Hole in RHN Channel Search Feature Permits Cross-Site Scripting Attacks | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| Red Hat Customer Portal | MITRE | access.redhat.com | |
| CVE-2007-5961 - Red Hat Customer Portal | MITRE | access.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.