2023-09-12 15:14:29
redhat
PUBLISHED
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another users session, make requests on behalf of the user, and obtain user credentials.