CVE-2026-4324 | Red Hat Satellite 6 on Red Katello Plugin /api/hosts/bootc_images sort_by sql injection

Inserito da Angelo Barbosa | Mar 17, 2026 | CVE

A vulnerability marked as critical has been reported in Red Hat Satellite 6 on Red. The impacted element is an unknown function of the file /api/hosts/bootc_images of the component Katello Plugin. Performing a manipulation of the argument sort_by results in sql injection.

This vulnerability is cataloged as CVE-2026-4324. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-4324 | Red Hat Satellite 6 on Red Katello Plugin /api/hosts/bootc_images sort_by sql injection

Post correlati

CVE-2025-7766 | Lantronix Provisioning Manager AV xml external entity reference (icsa-25-203-02)

CVE-2024-33634 | Piotnet Addons for Elementor Pro Plugin up to 7.1.17 on WordPress server-side request forgery

CVE-2024-47640 | weDevs WP ERP Plugin up to 1.13.2 on WordPress cross site scripting

CVE-2025-8171 | code-projects Document Management System 1.0 /insert.php uploaded_file unrestricted upload