Vulnerabilities > Katello Project

DATE CVE VULNERABILITY TITLE RISK
2024-06-05 CVE-2024-4812 Cross-site Scripting vulnerability in multiple products
A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the "Description" field of a user.
network
low complexity
redhat katello-project CWE-79
4.8