Foreman form helpers do not escape JS when rendering label
|Triaged:||Fixed in Releases:|
|Bugzilla link:||Found in Releases:||1.6.0|
The issue was introduced in Foreman 1.6. There's only one dynamic
:label => in Foreman that uses MailNotification name which we don't allow users to modify so there's no vulnerable code in Foreman. But remote execution plugin that rely on this label to be escaped. Setting to 1.12.2, feel free to reset. For REX this is pretty important though.