CVE-2013-4386
published 2013-11-20CVE-2013-4386: Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | openstack | — | — |
| theforeman | foreman | <= 1.2.2 | — |
| theforeman | foreman | — | — |
| theforeman | foreman | — | — |