VYPR

foreman_remote_execution

by Theforeman

CVEs (1)

  • CVE-2016-8613MedJul 31, 2018
    risk 0.35cvss 6.4epss 0.02

    A flaw was found in foreman 1.5.1. The remote execution plugin runs commands on hosts over SSH from the Foreman web UI. When a job is submitted that contains HTML tags, the console output shown in the web UI does not escape the output causing any HTML or JavaScript to run in the…