Patrick Uiterwijk of Red Hat reports: ipsilon does not properly sanitize user provided data in certain data fields.
Created ipsilon tracking bugs for this issue: Affects: fedora-all [bug 1255176]
Acknowledgement: This issue was discovered by Patrick Uiterwijk of Red Hat.
Analysis: It was found that Ipsilon does not properly authorize change of the name of the provider. Non-admin users could change the name to a duplicate value which could possibly lead to DoS attack.
Upstream patch: https://pagure.io/ipsilon/826e6339441546f596320f3d73304ab5f7c10de6