10 matches found
Low: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview
A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...
Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview
A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...
Improper Authorization
Overview smartproxyshellhooks is a Provides easy integration with 3rd parties for Foreman Affected versions of this package are vulnerable to Improper Authorization. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server...
foreman: Stored XSS in fact name or value
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...
CVE-2017-15100
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...
CVE-2017-15100
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...
Cross site scripting
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...
CVE-2017-15100
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...
CVE-2017-15100
CVE-2017-15100 is a stored XSS vulnerability in Foreman triggered when a remote attacker submits facts containing HTML. The issue affects the Foreman web pages that render facts on the Facts, Trends, and Statistics views. Red Hat’s RHSA-2018:2927 (Satellite 6.4) includes this CVE among others and...
CVE-2017-15100
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...