Bug #16019

CVE-2016-6319 - Persistent XSS in job invocation form triggered by unescaped user input name

Added by Marek Hulán about 1 year ago. Updated about 1 year ago.

Status: Resolved
Priority: Normal
Assigned To: Marek Hulán
Category: Foreman
Target version: Foreman - Team Marek Iteration 1

Description

The value is used as the label in the job invocation form. The vulnerability and its fix belong to Foreman, whose form helpers stopped escaping the label in [1.6.0](https://github.com/theforeman/foreman/commit/2af7c64a3b9c2699a3131483bc2344b50c138542#diff-d07b3cdd6c00768e06bfed349d3c808fR157).
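As an added illustration, not code from Foreman or from this report, the following Ruby sketch shows a label helper that interpolates a stored input name verbatim next to one that escapes it with `ERB::Util.html_escape` (the same escaping Rails' `h` helper uses); the helper names, the input name and the sample `<script>` value are constructed for this example.

```ruby
require 'erb'

# Constructed sample: an input name as an author could store it in a job
# template. Any string the author controls would reach the label this way.
USER_INPUT_NAME = 'command <script>alert(1)</script>'

# Pre-fix behaviour, as the report describes it: the stored name is dropped
# into the markup unchanged, so browser-interpretable tags survive into the
# rendered page and execute in the viewer's session.
def label_tag_unescaped(input_id, text)
  "<label for=\"#{input_id}\">#{text}</label>"
end

# Hardened form: escape both the attribute value and the label text before
# interpolating. '<', '>', '&', '"' and "'" become entities, so user-supplied
# markup is displayed as literal characters instead of being parsed.
def label_tag_escaped(input_id, text)
  "<label for=\"#{ERB::Util.html_escape(input_id)}\">" \
    "#{ERB::Util.html_escape(text)}</label>"
end

# Regression check suitable for a view test: does rendered markup still
# contain a raw tag opener that did not come from the template itself?
def renders_raw_script?(html)
  html.include?('<script')
end
```
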


Related issues

Related to Foreman - Bug #16024: Foreman form helpers do not escape JS when rendering label Closed 08/09/2016

History

#1 Updated by Marek Hulán about 1 year ago

  • Related to Bug #16024: Foreman form helpers do not escape JS when rendering label added

#2 Updated by Marek Hulán about 1 year ago

  • Subject changed from Persistent XSS in job invocation form triggered by unescaped user input name to CVE-2016-6319 - Persistent XSS in job invocation form triggered by unescaped user input name
  • Status changed from New to Ready For Testing

#3 Updated by Marek Hulán about 1 year ago

  • Status changed from Ready For Testing to Resolved

The Foreman fix was merged to the develop branch; the tracking issue is currently set to 1.12.2, so the fix should be in the next stable release.
