Stored XSS Vulnerability in Foreman 1.16.0: Organizations/Locations Assignment to Hosts
CVE-2017-7535 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains html in its name which is visible to the user prior to taking action.
Learn more about our User Device Pen Test.