CVE-2012-4543 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script or (3) nonce variable to the profileProcess script.

Reference

http://rhn.redhat.com/errata/RHSA-2012-1550.html http://rhn.redhat.com/errata/RHSA-2013-0511.html http://secunia.com/advisories/51482 http://www.securityfocus.com/bid/56843 http://www.securitytracker.com/id?1027846 https://bugzilla.redhat.com/show_bug.cgi?id=864397