Pvoborni

**Name of the Vulnerable Software and Affected Versions** FreeIPA versions 4.0 through 4.1.1 FreeIPA version 4.1.2 is not affected, but all versions prior to 4.1.2 are vulnerable, so the correct representation is: FreeIPA versions prior to 4.1.2 **Description** A cross-site scripting (XSS) issue exists in the Web UI, allowing remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation. **Recommendations** For FreeIPA versions prior to 4.1.2, update to version 4.1.2 or later to resolve the issue.