A cross-site scripting vulnerability was found in foreman in the manage organization page.
Acknowledgments: Name: Sanket Jagtap (Red Hat)
Do you have a link to an upstream issue? I checked with upstream and they are not aware of this CVE.
(In reply to Bryan Kearney from comment #3) > Do you have a link to an upstream issue? I checked with upstream and they > are not aware of this CVE. I assumed that the reported let the upstream know as always. Do you still want me to let them know, or is this resolved for now?
Sanket, do you know what the upstream issue is for this bug?
I have not yet tested this with upstream. So, didn't yet report it in upstream, but yes will let them know about this issue.
Upstream issue: http://projects.theforeman.org/issues/20963
References: http://seclists.org/oss-sec/2017/q3/521