
List:       oss-security
Subject:    [oss-security] Foreman 1.9+ SQL injection in dashboard page
From:       Tomer Brisker <tbrisker () redhat ! com>
Date:       2018-03-28 7:53:44
Message-ID: CAE=eJsfopNJPRAyMr_3PmPnk4mfBKkRZKwgqjVKwPmsb4hWwjQ () mail ! gmail ! com


CVE-2018-1096: One of the parameters passed when saving widget positions on
the dashboard was not properly escaped, leading to the possibility of SQL
injection. Due to the nature of the query, exploitation is limited to
possible information disclosure and does not allow modifications to the
database. The vulnerable endpoint is only available to authenticated users.

Affects Foreman 1.9 and higher.

Patch available at https://github.com/theforeman/foreman/pull/5363
Fix will be released in Foreman 1.16.1.
For more information see: http://projects.theforeman.org/issues/23028

-- 
Have a nice day,
Tomer Brisker
Red Hat Engineering
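As an added illustration that is not Foreman's code or the patch linked above, the block below shows in plain Ruby the bug class this advisory describes: a widget-position parameter interpolated straight into a SQL string, next to a version that validates the positions as integers and binds the value through a placeholder. The module and method names (WidgetPositionQuery, save_positions) and the field names id/x/y are hypothetical.

```ruby
# Hypothetical dashboard "save widget positions" handling, written to show the
# vulnerable and the hardened pattern side by side. Not Foreman's own code.
module WidgetPositionQuery
  # Vulnerable: the caller-supplied value is interpolated into the SQL text,
  # so a value containing a quote character rewrites the WHERE clause.
  def self.vulnerable_where(widget_id)
    "SELECT id, data FROM widgets WHERE id = '#{widget_id}'"
  end

  # Minimal SQL literal quoting, standing in for what a database adapter does
  # when a value is bound to a placeholder (integers bare, strings quoted,
  # embedded single quotes doubled).
  def self.quote(value)
    case value
    when Integer then value.to_s
    else "'#{value.to_s.gsub("'", "''")}'"
    end
  end

  # Hardened: the value only ever enters the query as a quoted literal
  # substituted for the '?' placeholder, never as SQL syntax.
  def self.bound_where(widget_id)
    "SELECT id, data FROM widgets WHERE id = ?".sub("?", quote(widget_id))
  end
end

# Validate the whole positions payload before any query is built: each widget
# entry must carry an integer id, x and y (hypothetical field names).
# Integer(str, 10) raises ArgumentError for anything that is not a base-10 number.
def save_positions(params)
  params.fetch("widgets").map do |w|
    {
      id: Integer(w.fetch("id").to_s, 10),
      x: Integer(w.fetch("x").to_s, 10),
      y: Integer(w.fetch("y").to_s, 10),
    }
  end
end

# Constructed inputs: a well-formed position update and a value carrying a quote.
GOOD_PARAMS = { "widgets" => [{ "id" => "3", "x" => "0", "y" => "2" }] }.freeze
QUOTED_ID = "1' OR '1'='1".freeze
```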

