CVE-2014-0089
CVE-2014-0089 is a cross-site scripting (XSS) vulnerability in Foreman 1.4.x prior to 1.4.2. A remote authenticated user can inject script or HTML via the bookmark name when adding a bookmark. The root cause lies in app/views/common/500.html.erb, enabling arbitrary script ex...
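
An added example, not Foreman's code: a constructed error-page template in plain Ruby ERB that reflects a bookmark name through an error message, rendered once without escaping and once with it, plus a check a template regression test could run. The template strings, `bookmark_error`, `live_markup?` and the sample names are assumptions made for illustration.

```ruby
require "erb"

# Constructed stand-ins for an error page; NOT the contents of Foreman's
# app/views/common/500.html.erb. Stdlib ERB does not auto-escape, so the first
# template behaves like a view that emits an error message as raw HTML.
UNSAFE_TEMPLATE = ERB.new('<div class="error"><%= message %></div>')
SAFE_TEMPLATE   = ERB.new('<div class="error"><%= ERB::Util.html_escape(message) %></div>')

# Constructed sample inputs.
BENIGN_NAME  = "prod hosts"
HOSTILE_NAME = "<script>alert(1)</script>"

# Hypothetical helper: an error text that echoes the user-supplied bookmark name.
def bookmark_error(name)
  "Failed to save bookmark '#{name}'"
end

def render_unsafe(message)
  UNSAFE_TEMPLATE.result_with_hash(message: message)
end

def render_safe(message)
  SAFE_TEMPLATE.result_with_hash(message: message)
end

# Regression check: strip the template's own wrapper, then report whether any
# tag-like markup from the message survived as live HTML.
def live_markup?(html)
  body = html.sub(/\A<div class="error">/, "").sub(%r{</div>\z}, "")
  body.match?(%r{<[a-z!/]}i)
end

if __FILE__ == $PROGRAM_NAME
  [BENIGN_NAME, HOSTILE_NAME].each do |name|
    msg = bookmark_error(name)
    puts "unsafe live markup=#{live_markup?(render_unsafe(msg))}: #{render_unsafe(msg)}"
    puts "safe   live markup=#{live_markup?(render_safe(msg))}: #{render_safe(msg)}"
  end
end
```
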