Red Hat Security Advisory 2015-1462-01 - Two cross-site scripting flaws were found in jQuery, which impacted the Identity Management web administrative interface, and could allow an authenticated user to inject arbitrary HTML or web script into the interface. Note: The IdM version provided by this update no longer uses jQuery. The ipa-server-install, ipa-replica-install, and ipa-client-install utilities are not supported on machines running in FIPS-140 mode. Previously, IdM did not warn users about this. Now, IdM does not allow running the utilities in FIPS-140 mode, and displays an explanatory message.
200010d0ed3ebfec3427d11ca0067d8bf3c37c527acb4ca4e5011b47b546ad34
Debian Linux Security Advisory 3249-1 - Shadowman131 discovered that jqueryui, a JavaScript UI library for dynamic web applications, failed to properly sanitize its "title" option. This would allow a remote attacker to inject arbitrary code through cross-site scripting.
73621fcbf22d1908f89e9d5877cc9a438c5e3f23c53d8833898194d5ba25001b
Red Hat Security Advisory 2015-0442-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Two cross-site scripting flaws were found in jQuery, which impacted the Identity Management web administrative interface, and could allow an authenticated user to inject arbitrary HTML or web script into the interface. Note: The IdM version provided by this update no longer uses jQuery.
90b7775c9c67cc56df433bcf3d1a192c2c4fcfce0355b3147fcbe1a6ae2a9084