Eval injection vulnerability in the create method in the Bookmarks controller in Foreman prior to 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary code via a controller name attribute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
theforeman foreman |
||
redhat openstack 3.0 |
||
theforeman foreman 1.1 |