Message-ID: <CAE=eJsfopNJPRAyMr_3PmPnk4mfBKkRZKwgqjVKwPmsb4hWwjQ@mail.gmail.com>
Date: Wed, 28 Mar 2018 10:53:44 +0300
From: Tomer Brisker <tbrisker@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Foreman 1.9+ SQL injection in dashboard page

CVE-2018-1096: One of the parameters passed when saving widget positions on the dashboard was not properly escaped, leading to the possibility of SQL injection. Due to the nature of the query, exploitation is limited to possible information disclosure and does not allow modifications to the database. The vulnerable endpoint is only available to authenticated users.

Affects Foreman 1.9 and higher.

Patch available at https://github.com/theforeman/foreman/pull/5363

Fix will be released in Foreman 1.16.1.

For more information see: http://projects.theforeman.org/issues/23028

--
Have a nice day,
Tomer Brisker
Red Hat Engineering