CVE-2011-4193 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-4193 Interim 1 15 2025-11-05T05:43:52Z current 2021-05-30T13:00:35Z 2025-11-05T05:43:52Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-4193 Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AFPYNKHCHHUNVIQ5CZZPJACWKTI4OAO5/#AFPYNKHCHHUNVIQ5CZZPJACWKTI4OAO5 E-Mail link for SUSE-SU-2011:1324-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Studio Onsite 1.3 SUSE Studio Onsite Runner 1.2 kiwi4-4.85.1-0.22.9 kiwi4-desc-oemboot-4.85.1-0.22.9 kiwi4-desc-vmxboot-4.85.1-0.22.9 kiwi4-tools-4.85.1-0.22.9 susestudio susestudio-1.2.1-0.26.1 susestudio-bundled-packages susestudio-common susestudio-common-1.2.1-0.26.1 susestudio-image-helpers-1.2.1-0.3.3 susestudio-runner susestudio-runner-1.2.1-0.26.1 susestudio-sid susestudio-ui-server susestudio-ui-server-1.2.1-0.26.1 kiwi4-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 kiwi4-desc-oemboot-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 kiwi4-desc-vmxboot-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 kiwi4-tools-4.85.1-0.22.9 as a component of SUSE Studio Onsite Runner 1.2 susestudio-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio-common-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio-image-helpers-1.2.1-0.3.3 as a component of SUSE Studio Onsite Runner 1.2 susestudio-runner-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio-ui-server-1.2.1-0.26.1 as a component of SUSE Studio Onsite Runner 1.2 susestudio as a component of SUSE Studio Onsite 1.3 susestudio-bundled-packages as a component of SUSE Studio Onsite 1.3 susestudio-common as a component of SUSE Studio Onsite 1.3 susestudio-runner as a component of SUSE Studio Onsite 1.3 susestudio-sid as a component of SUSE Studio Onsite 1.3 susestudio-ui-server as a component of SUSE Studio Onsite 1.3 Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning. CVE-2011-4193 SUSE Studio Onsite Runner 1.2:kiwi4-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:kiwi4-desc-oemboot-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:kiwi4-desc-vmxboot-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:kiwi4-tools-4.85.1-0.22.9 SUSE Studio Onsite Runner 1.2:susestudio-1.2.1-0.26.1 SUSE Studio Onsite Runner 1.2:susestudio-common-1.2.1-0.26.1 SUSE Studio Onsite Runner 1.2:susestudio-image-helpers-1.2.1-0.3.3 SUSE Studio Onsite Runner 1.2:susestudio-runner-1.2.1-0.26.1 SUSE Studio Onsite Runner 1.2:susestudio-ui-server-1.2.1-0.26.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N