Security Advisory

CVE-2023-0119

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-12 15:14:29

Last updated 2024-08-02 05:02:43

Assigner redhat

State PUBLISHED

Description

A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another users session, make requests on behalf of the user, and obtain user credentials.

← Browse all CVEs View on cve.org ↗