CVE-2017-7538 LOW

CVE-2017-7538

Vendor Red Hat

Product Satellite

Weakness CWE-79 · XSS

Published July 26, 2018

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization's name could exploit this flaw to perform XSS attacks against other Satellite users.

Key dates

02Disclosure timeline

July 26, 2018 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-7538

Related vulnerabilities

04Related CVE

CVE-2024-47333 WordPress Loops & Logic plugin <= 4.1.4 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2025-47677 WordPress Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery plugin <= 2.7.7.25 - Cross Site Scripting (XSS) Vulnerability CVE-2024-43573 Windows MSHTML Platform Spoofing Vulnerability CVE-2025-58645 WordPress Gravitate Automated Tester Plugin <= 1.4.5 - Cross Site Scripting (XSS) Vulnerability CVE-2021-39183 Unsafe inline XSS Owncast