CVE-2015-5282

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
References
Link Resource
https://theforeman.org/security.html#2015-5282 Patch Vendor Advisory
https://github.com/theforeman/foreman/commit/4f3555b217be8723e8045f9816d147b5f684ec57 Issue Tracking Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1264221 Issue Tracking Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/09/21/3 Mailing List Patch Third Party Advisory
http://projects.theforeman.org/issues/11859 Issue Tracking Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:theforeman:foreman:1.16.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.14.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.14.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.12.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.12.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.11.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.10.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.13.4:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.10.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.15.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.13.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.10.4:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.12.4:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.13.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.15.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.15.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.15.4:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.12.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.11.4:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.10.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.14.3:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.14.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.13.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.12.1:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:theforeman:foreman:1.15.1:*:*:*:*:*:*:*

Information

Published : 2017-09-25 10:29

Updated : 2017-09-29 08:23


NVD link : CVE-2015-5282

Mitre link : CVE-2015-5282


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

theforeman

  • foreman