Eval Injection Vulnerability in Bookmarks Controller in Foreman

Eval Injection Vulnerability in Bookmarks Controller in Foreman

CVE-2013-2121 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary code via a controller name attribute.

Learn more about our User Device Pen Test.