CVE-2013-0187 Information

Description

Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request.

Reference

http://theforeman.org/security.html