Lucene search
RedhatCVELIST:CVE-2017-15100HistoryNov 27, 2017 - 2:00 p.m.
CVE-2017-15100
2017-11-2714:00:00
CWE-79
redhat
www.cve.org
5
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the “chart” button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page.
CNA Affected
[
{
"product": "Foreman",
"vendor": "Foreman Project",
"versions": [
{
"status": "affected",
"version": "1.2 and later, a fix is planned for 1.16.0"
}
]
}
]Related
redhatcve
redhatcve
CVE-2017-15100
2017-11-02 16:19:21
veracode
veracode
Cross-site Scripting (XSS)
2019-05-16 03:48:05
prion
prion
Cross site scripting
2017-11-27 14:29:00
cve
cve
CVE-2017-15100
2017-11-27 14:29:00
osv
osv
CVE-2017-15100
2017-11-27 14:29:00
openvas
openvas
Foreman XSS Vulnerability
2017-11-07 00:00:00
nvd
nvd
CVE-2017-15100
2017-11-27 14:29:00
redhat
redhat
nessus
nessus
RHEL 7 : Satellite Server (RHSA-2018:2927)
2018-10-18 00:00:00