A vulnerability in the koji RPM-based build system is related to improper neutralization of input data during the
during web page generation. Exploitation of the vulnerability could allow an attacker to conduct XSS attacks using a specially crafted web interface.
using a specially crafted web interface