Theforeman : Security vulnerabilities, CVEs xss, cross site scripting published in 2016

Copy

CVE-2016-6320

Cross-site scripting (XSS) vulnerability in app/assets/javascripts/host_edit_interfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form.

Max CVSS

5.4

EPSS Score

0.11%

Published

2016-08-19

Updated

2023-02-13

CVE-2016-6319

Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb in Foreman before 1.12.2, as used by Remote Execution and possibly other plugins, allows remote attackers to inject arbitrary web script or HTML via the label parameter.

Max CVSS

6.1

EPSS Score

1.38%

Published

2016-08-19

Updated

2023-02-13

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!