CVE-2023-0119

Name of the Vulnerable Software and Affected Versions foreman (affected versions not specified)

Description A stored Cross-site scripting vulnerability was found in the Comment section of the Hosts tab, due to incorrect filtering of user input data. This allows an attacker with an existing account to steal another user's session, make requests on behalf of the user, and obtain user credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.