Cross-Site Scripting (XSS)

katello is vulnerable to cross-site scripting. Multiple XSS in various entities allow an attacker to inject and execute arbitary Javascript in a user's browser...