CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Theforeman: >> Foreman >> 1.18.0 Security Vulnerabilities

CVE-2018-14664

A flaw was found in foreman from versions 1.18. A stored cross-site scripting vulnerability exists due to an improperly escaped HTML code in the breadcrumbs bar. This allows a user with permissions to edit which attribute is used in the breadcrumbs bar to store code that will be executed on the client side.

CVSS Score

5.4

EPSS Score

0.003

Published

2018-10-12

Page 2

Vulnerabilities

Vulnerable Software

Theforeman: >> Foreman >> 1.18.0 Security Vulnerabilities

Products

Pricing

Contact Us