Foreman 1.4.0 prior to 1.5.0 does not properly restrict access to provisioning template previews, which allows remote malicious users to obtain sensitive information via the hostname parameter, related to "spoof."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
theforeman foreman 1.4.1 |
||
theforeman foreman 1.4.3 |
||
theforeman foreman 1.4.2 |
||
theforeman foreman 1.4.0 |
||
theforeman foreman 1.4.4 |