CVE-2014-3491 Information

Description

Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page related to create update and destroy notification boxes.

Reference

http://projects.theforeman.org/issues/5881