← back
CVE-2013-2121

CVE-2013-2121

43Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 25%
from disclosure to weapon0 days
Published on NVDJul 31
1st PoCJul 23
metasploitJun 6
exploitation probability
25%top 2% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary code via a controller name attribute.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.