Sanket Jagtap

**Name of the Vulnerable Software and Affected Versions** Satellite katello versions prior to 3.9.0 **Description** A cross-site scripting (XSS) flaw was found in the katello component of Satellite, allowing an attacker with privileges to create or edit organizations and locations to execute XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users. The vulnerability is related to insufficient protection of the web page structure. **Recommendations** For versions prior to 3.9.0, update to version 3.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Subscriptions and Red Hat Repositories wizards to minimize the risk of exploitation. Avoid using the wizards until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Foreman version 1.14.0 **Description** A stored XSS attack can occur when creating an organization or location in Foreman with a name containing HTML. This HTML is rendered in the alertbox on the page, specifically in the second step of the wizard at the "/organizations/id/step2" API endpoint. If a user is linked directly to this URL after an organization or location with HTML in its name is created, the stored XSS attack is triggered. **Recommendations** For Foreman version 1.14.0, as a temporary workaround, consider validating and sanitizing user input for organization and location names to prevent the inclusion of HTML. Restrict access to the "/organizations/id/step2" API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Foreman versions prior to 1.13.0 **Description** A stored XSS issue was found, allowing an attacker with privileges to set an organization or location name to display arbitrary HTML, including scripting code, within the web interface. **Recommendations** For versions prior to 1.13.0, update to version 1.13.0 or later to resolve the issue. As a temporary workaround, consider restricting the ability to set organization or location names to trusted users only until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Foreman versions prior to 1.12.2 **Description** A cross-site scripting (XSS) issue exists, allowing remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form. This is due to a vulnerability in the app/assets/javascripts/host edit interfaces.js file. **Recommendations** For versions prior to 1.12.2, update to version 1.12.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the host interface form to minimize the risk of exploitation.