Cross-site scripting (XSS) vulnerability in Foreman prior to 1.4.5 and 1.5.x prior to 1.5.1 allows remote malicious users to inject arbitrary web script or HTML via the Name field to the New Host groups page, related to create, update, and destroy notification boxes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
theforeman foreman 1.4.1 |
||
theforeman foreman 1.4.0 |
||
theforeman foreman 1.5.0 |
||
theforeman foreman 1.4.3 |
||
theforeman foreman |
||
theforeman foreman 1.4.2 |