CVE-2018-1096

Summary

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.

Affected Software

VendorProductVersion RangeStatus
Foreman ProjectForemanbefore 1.16.1affected

Weaknesses

  • CWE-89: CWE-89

ADP Enrichment

CVE Program Container

Additional References

References