← back
CVE-2013-2121

CVE-2013-2121

EPSS 24.8%
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary code via a controller name attribute.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/27045unverifiedexploitdbwww.exploit-db.com/exploits/27045unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://projects.theforeman.org/issues/2631http://rhn.redhat.com/errata/RHSA-2013-0995.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=966804https://groups.google.com/forum/#%21topic/foreman-users/6WpO_3ugiXUhttp://www.exploit-db.com/exploits/27045