CVE-2011-2226 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-2226 Interim 1 15 2025-11-05T05:48:23Z current 2021-05-30T12:57:51Z 2025-11-05T05:48:23Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-2226 Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/I57VT5F524VIYHTZ7FTSO52PZYETABZI/#I57VT5F524VIYHTZ7FTSO52PZYETABZI E-Mail link for SUSE-SU-2011:0917-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AFPYNKHCHHUNVIQ5CZZPJACWKTI4OAO5/#AFPYNKHCHHUNVIQ5CZZPJACWKTI4OAO5 E-Mail link for SUSE-SU-2011:1324-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Studio Onsite 1.3 SUSE Studio Onsite Runner 1.2 kiwi4-4.85.1-0.22.9 kiwi4-desc-oemboot-4.85.1-0.22.9 kiwi4-desc-vmxboot-4.85.1-0.22.9 kiwi4-tools-4.85.1-0.22.9 susestudio susestudio-1.2.1-0.26.1 susestudio-bundled-packages susestudio-common susestudio-common-1.2.1-0.26.1 susestudio-image-helpers-1.2.1-0.3.3 susestudio-runner susestudio-runner-1.2.1-0.26.1 susestudio-sid susestudio-ui-server susestudio-ui-server-1.2.1-0.26.1 kiwi4-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 kiwi4-desc-oemboot-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 kiwi4-desc-vmxboot-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 kiwi4-tools-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 susestudio-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio-common-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio-image-helpers-1.2.1-0.3.3 as a component of SUSE Studio Onsite Runner 1.2 susestudio-runner-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio-ui-server-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio as a component of SUSE Studio Onsite 1.3 susestudio-bundled-packages as a component of SUSE Studio Onsite 1.3 susestudio-common as a component of SUSE Studio Onsite 1.3 susestudio-runner as a component of SUSE Studio Onsite 1.3 susestudio-sid as a component of SUSE Studio Onsite 1.3 susestudio-ui-server as a component of SUSE Studio Onsite 1.3 Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing. CVE-2011-2226 SUSE Studio Onsite Runner 1.2:kiwi4-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:kiwi4-desc-oemboot-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:kiwi4-desc-vmxboot-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:kiwi4-tools-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:susestudio-1.2.1-0.26.1 SUSE Studio Onsite Runner 1.2:susestudio-common-1.2.1-0.26.1 SUSE Studio Onsite Runner 1.2:susestudio-image-helpers-1.2.1-0.3.3 SUSE Studio Onsite Runner 1.2:susestudio-runner-1.2.1-0.26.1 SUSE Studio Onsite Runner 1.2:susestudio-ui-server-1.2.1-0.26.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N