A flaw was found in foreman. A stored XSS in the description of a custom user input in the jobs invocation page. References: https://projects.theforeman.org/issues/25275
Acknowledgments: Name: Sanket Jagtap (Red Hat Pune India)