Vulnerability Details CVE-2011-2226
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00013.html
- http://support.novell.com/security/cve/CVE-2011-2226.html
- http://www.securityfocus.com/bid/49236
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69278
- http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00013.html
- http://support.novell.com/security/cve/CVE-2011-2226.html
- http://www.securityfocus.com/bid/49236
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69278
Products affected by CVE-2011-2226
-
cpe:2.3:a:marcus_schafer:kiwi:*
-
cpe:2.3:a:novell:suse_studio_onsite:1.1