CVE-2023-0119

Publication date

2023-09-12 15:14:29

Family

redhat

State

PUBLISHED

Description

A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another users session, make requests on behalf of the user, and obtain user credentials.