Cross-Site Scripting Vulnerabilities in Ansible Tower by Red Hat
CVE-2015-1368

Currently unrated

Key Information:

Vendor

Ansible

Status
Tower
Vendor
CVE Published:
27 January 2015

What is CVE-2015-1368?

Ansible Tower, an IT automation platform, has multiple cross-site scripting (XSS) vulnerabilities that can be exploited by remote attackers. These vulnerabilities allow injection of arbitrary web scripts or HTML via specific parameters in the API endpoints, including credentials, inventories, projects, and user permissions. Attackers could potentially execute malicious scripts in the context of a user’s session, leading to unauthorized access and exploitation of the application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/99924
vdb-entryx_refsource_XF
http://osvdb.org/show/osvdb/116963
vdb-entryx_refsource_OSVDB
http://osvdb.org/show/osvdb/116962
vdb-entryx_refsource_OSVDB

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.