Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machine_list view.
{
"source": [
"CPE_RANGE",
"REFERENCES"
],
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.6"
}
],
"cpe": "cpe:2.3:a:sal_project:sal:*:*:*:*:*:*:*:*"
}