Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman prior to 1.2.3 allow remote malicious users to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat openstack 3.0 |
||
theforeman foreman 1.2.1 |
||
theforeman foreman 1.2.0 |
||
theforeman foreman |