Actions
Bug #37978
closedFix CVE-2024-8553
Difficulty:
Triaged:
No
Description
CVE1 description:
A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.
Updated by The Foreman Bot about 2 months ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/10367 added
Updated by Adam Ruzicka about 2 months ago
- Status changed from Ready For Testing to Closed
Applied in changeset foreman|48718f719b6282670d1ee1d0f36777ef99934f1a.
Updated by Ewoud Kohl van Wijngaarden about 2 months ago
- Target version set to 3.12.1
Updated by The Foreman Bot about 1 month ago
- Pull request https://github.com/theforeman/foreman/pull/10379 added
Actions