Bug #17066: CVE-2016-8613 - XSS in live output - Foreman Remote Execution - Foreman

Actions

Copy link

Bug #17066

closed

CVE-2016-8613 - XSS in live output

Added by Ivan Necas about 8 years ago. Updated over 6 years ago.

Status:

Closed

Priority:

High

Assignee:

Ivan Necas

Category:

Foreman

Target version:

1.5.1

Difficulty:

Triaged:

Bugzilla link:

1388202

Pull request:

https://github.com/theforeman/foreman_remote_execution/pull/208

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

Missed escaping in live output can allow XSS, when the execution code produces a valid HTML/JavaScript code.

Actions

Copy link

Updated by The Foreman Bot about 8 years ago

Status changed from Assigned to Ready For Testing
Pull request https://github.com/theforeman/foreman_remote_execution/pull/208 added

Actions

Copy link

Updated by Ivan Necas about 8 years ago

Status changed from Ready For Testing to Closed
% Done changed from 0 to 100

Applied in changeset foreman_plugin|a8a971291b7779423db2d24d31572dc578a9b88a.

Actions

Copy link

Updated by Ivan Necas about 8 years ago

Bugzilla link set to 1388202

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Plugins » Foreman Remote Execution

Custom queries

Bug #17066

CVE-2016-8613 - XSS in live output

Updated by The Foreman Bot about 8 years ago

Updated by Ivan Necas about 8 years ago

Updated by Ivan Necas about 8 years ago