3 matches found
CVE-2017-15100
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...
PT-2017-13869 · Foreman · Foreman
Name of the Vulnerable Software and Affected Versions: Foreman affected versions not specified Description: The issue allows an attacker to perform a stored XSS attack by submitting facts containing HTML to the Foreman server. This can lead to exploitation on certain pages, including the Facts pa...
CVE-2017-15100
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: 1 Facts page, when clicking on the "chart" button and hovering over the chart; 2 Trends page, when checking the graph for a trend based on a such fact; 3 Statistics page, for facts that are...