Filtered by vendor Katello Project Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-4812 2 Katello Project, Redhat 2 Katello, Satellite 2024-12-24 4.8 Medium
A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the "Description" field of a user. This code can be executed when opening certain pages, for example, Host Collections.