5 matches found
CVE-2023-0119
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, a...
CVE-2023-0119 Foreman: stored cross-site scripting in host tab
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, a...
CVE-2023-0119 Foreman: stored cross-site scripting in host tab
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, a...
PT-2023-16026 · Foreman +1 · Foreman +1
Name of the Vulnerable Software and Affected Versions: foreman affected versions not specified Description: A stored Cross-site scripting vulnerability was found in the Comment section of the Hosts tab, due to incorrect filtering of user input data. This allows an attacker with an existing accoun...
CVE-2023-0119
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, a...