Project

General

Custom queries

Profile

Actions

Bug #17066

closed

CVE-2016-8613 - XSS in live output

Added by Ivan Necas over 8 years ago. Updated almost 7 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Foreman
Target version:
Fixed in Releases:
Found in Releases:

Description

Missed escaping in live output can allow XSS, when the execution code produces a valid HTML/JavaScript code.

Added by Ivan Necas over 8 years ago

Revision a8a97129 (diff)

Fixes #17066 - escape the life output properly

Actions

Also available in: Atom PDF