Marcus Schafer » Kiwi : Security Vulnerabilities, CVEs, Published In 2011 (XSS)
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file.
Max CVSS
4.3
EPSS Score
0.42%
Published
2011-08-23
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display.
Max CVSS
4.3
EPSS Score
0.42%
Published
2011-08-23
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info display.
Max CVSS
4.3
EPSS Score
0.42%
Published
2011-08-23
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing.
Max CVSS
4.3
EPSS Score
0.17%
Published
2011-08-23
Updated
2017-08-29
4 vulnerabilities found