Unrated severityNVD Advisory· Published Jul 6, 2015· Updated Jun 17, 2026
CVE-2014-3653
CVE-2014-3653
Description
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*range: <=1.6.0
- (no CPE)range: <1.6.1
Patches
Vulnerability mechanics
References
4- projects.theforeman.org/issues/7483nvdExploitVendor Advisory
- theforeman.org/security.htmlnvdVendor Advisory
- www.securityfocus.com/bid/70046nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.