Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb in Foreman prior to 1.12.2, as used by Remote Execution and possibly other plugins, allows remote malicious users to inject arbitrary web script or HTML via the label parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
theforeman foreman |