Vulnerability Database

289,598

Total vulnerabilities in the database

CVE-2024-4812

A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the "Description" field of a user. This code can be executed when opening certain pages, for example, Host Collections.

  • Published: Jun 5, 2024
  • Updated: Jun 19, 2024
  • CVE: CVE-2024-4812
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.8
  • AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
redhat / satellite 6.0 6.0.x