Fedora Account System
Red Hat Associate
Red Hat Customer
bug 1088315 Users can create malicious key names containing script tags. They are executed by other users via the autocomplete function when searching for keys. See: https://bugzilla.redhat.com/show_bug.cgi?id=1088315
Acknowledgements: This issue was discovered by Jan Hutař of Red Hat.
This issue is now public http://theforeman.org/security.html#2014-0208
This issue was addressed in the following products: Red Hat Satellite 6.0 at the time of GA.