Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-7535

Опубликовано: 12 июл. 2017
Источник: redhat
CVSS3: 6.1
EPSS Низкий

Описание

foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains html in its name which is visible to the user prior to taking action.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Ceph Storage 1.3foremanWill not fix
Red Hat Satellite 6foremanUnder investigation

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1463300foreman: XSS in the manage organization page

EPSS

Процентиль: 66%
0.0051
Низкий

6.1 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-7535

CVSS3: 6.1
nvd
больше 7 лет назад

foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains html in its name which is visible to the user prior to taking action.

debian логотип

CVE-2017-7535

CVSS3: 6.1
debian
больше 7 лет назад

foreman before version 1.16.0 is vulnerable to a stored XSS in organiz ...

github логотип

GHSA-4w27-xxvw-958c

CVSS3: 6.1
github
больше 3 лет назад

foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains html in its name which is visible to the user prior to taking action.

EPSS

Процентиль: 66%
0.0051
Низкий

6.1 Medium

CVSS3