CVE-2018-1096

Опубликовано: 05 апр. 2018

Источник: debian

Описание

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
foreman	itp			package

Примечания

http://projects.theforeman.org/issues/23028
https://github.com/theforeman/foreman/pull/5363

Связанные уязвимости

CVE-2018-1096

CVSS3: 6.5

redhat

почти 8 лет назад

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.

CVE-2018-1096

CVSS3: 6.5

nvd

почти 8 лет назад

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.

GHSA-q2gj-47jq-58pr

CVSS3: 6.5

github

больше 3 лет назад

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.