Project

General

Profile

Actions
Copy link

Bug #17066

closed

CVE-2016-8613 - XSS in live output

Added by Ivan Necas over 7 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
High
Assignee:
Ivan Necas
Category:
Foreman
Target version:
1.5.1
Difficulty:
Triaged:
Bugzilla link:
1388202
Pull request:
https://github.com/theforeman/foreman_remote_execution/pull/208
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Missed escaping in live output can allow XSS, when the execution code produces a valid HTML/JavaScript code.

Actions
Copy link

Also available in: Atom PDF