CVE-2017-12175 LOW

CVE-2017-12175

Vendor Red Hat

Product Satellite

Weakness CWE-79 · XSS

Published July 26, 2018

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality.

Key dates

02Disclosure timeline

July 26, 2018 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-12175 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-1499 Orbit Fox by ThemeIsle <= 2.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2025-68115 Parse Server vulnerable to Cross-Site Scripting (XSS) via Unescaped Mustache Template Variables CVE-2025-3750 Network Posts Extended <= 7.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via post_height Parameter CVE-2022-23598 Reflected XSS vulnerability when rendering error messages in laminas-form CVE-2025-39543 WordPress Royal Elementor Addons plugin <= 1.3.977 - Cross Site Scripting (XSS) vulnerability