Patrick Uiterwijk of Red Hat reports:
ipsilon does not properly sanitize user provided data in certain data fields.
Created ipsilon tracking bugs for this issue:
Affects: fedora-all [bug 1255176]
This issue was discovered by Patrick Uiterwijk of Red Hat.
It was found that Ipsilon does not properly authorize change of the name of the provider. Non-admin users could change the name to a duplicate value which could possibly lead to DoS attack.