Vulnerability Details CVE-2024-4812
A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the "Description" field of a user. This code can be executed when opening certain pages, for example, Host Collections.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.9%
CVSS Severity
CVSS v3 Score 4.8
Products affected by CVE-2024-4812
- cpe:2.3:a:katello_project:katello:-
- cpe:2.3:a:redhat:satellite:6.0