中危CVE-2023-0119 Foreman: Stored cross-site scripting in host tab
CVE编号
CVE-2023-0119
利用情况
暂无
补丁情况
官方补丁
披露时间
2023-03-12
漏洞描述
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials.