|Category:||Web application abuses|
|Title:||Foreman XSS Vulnerability|
|Summary:||Foreman is prone to a cross-site scripting vulnerability.|
Foreman is prone to a cross-site scripting vulnerability.
Facts reported by hosts to Foreman containing HTML are not properly escaped
on fact charts in the facts page, statistics page, and trends page when hovering over the chart with the mouse.
Foreman 1.2 and before 1.16.0.
Update to version 1.16.0 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2017-15100|
|Copyright||This script is Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.