CVE-2016-6319 – foreman: Persistent XSS in Foreman remote execution plugin
https://notcve.org/view.php?id=CVE-2016-6319
Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb in Foreman before 1.12.2, as used by Remote Execution and possibly other plugins, allows remote attackers to inject arbitrary web script or HTML via the label parameter. Vulnerabilidad de XSS en app/helpers/form_helper.rb en Foreman en versiones anteriores a 1.12.2, como se utiliza en Remote Execution y posiblemente otros plugins, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro de etiqueta. It was found that foreman is vulnerable to a stored XSS via a job template with a malformed name. This could allow an attacker with privileges to set the name in a template to display arbitrary HTML including scripting code within the web interface. • http://projects.theforeman.org/issues/16019 http://projects.theforeman.org/issues/16024 http://www.securityfocus.com/bid/92429 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=1365815 https://github.com/theforeman/foreman/commit/0f35fe14acf0d0d3b55e9337bc5e2b9640ff2372 https://theforeman.org/security.html#2016-6319 https://access.redhat.com/security/cve/CVE-2016-6319 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-2100
https://notcve.org/view.php?id=CVE-2016-2100
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission. Foreman en versiones anteriores a 1.10.3 y 1.11.0 en versiones anteriores a 1.11.0-RC2 permite a usuarios remotos autenticados leer, modificar o borrar marcadores privados aprovechando el permiso (1) edit_bookmarks o (2) destroy_bookmarks. • http://projects.theforeman.org/issues/13828 http://theforeman.org/security.html#2016-2100 http://www.openwall.com/lists/oss-security/2016/03/31/2 https://access.redhat.com/errata/RHBA-2016:1500 • CWE-284: Improper Access Control •
CVE-2015-7518 – foreman: Stored XSS vulnerability in smart class parameters/variables
https://notcve.org/view.php?id=CVE-2015-7518
Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart class parameters, or (3) smart variables in the (a) host or (b) hostgroup edit forms. Múltiples vulnerabilidades de XSS en popups de información en Foreman en versiones anteriores a 1.10.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de (1) parámetros globales, (2) parámetros de clase inteligente o (3) variables inteligentes en formularios de edición (a) host o (b) hostgroup. A stored cross-site scripting (XSS) flaw was found in the smart class parameters/variables field. By sending a specially crafted request to Satellite, a remote, authenticated attacker could embed HTML content into the stored data, allowing them to inject malicious content into the web page that is used to view that data. • http://projects.theforeman.org/issues/12611 http://theforeman.org/security.html#2015-7518 http://www.openwall.com/lists/oss-security/2015/12/09/6 https://access.redhat.com/errata/RHSA-2016:0174 https://access.redhat.com/security/cve/CVE-2015-7518 https://bugzilla.redhat.com/show_bug.cgi?id=1285728 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •