Bug #17066
CVE-2016-8613 - XSS in live output
Difficulty:
Triaged:
Bugzilla link:
Description
Missed escaping in live output can allow XSS, when the execution code produces a valid HTML/JavaScript code.
Associated revisions
History
#1
Updated by The Foreman Bot over 6 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman_remote_execution/pull/208 added
#2
Updated by Ivan Necas over 6 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset foreman_plugin|a8a971291b7779423db2d24d31572dc578a9b88a.
#3
Updated by Ivan Necas over 6 years ago
- Bugzilla link set to 1388202
Fixes #17066 - escape the life output properly