Project

General

Profile

Actions

Bug #17195

closed

CVE-2016-8634 - Organization/location wizard may run stored XSS through alert

Added by Dominic Cleal over 7 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

When creating an organization or location, if the name contains HTML then the second step of the wizard (/organizations/id/step2) will render the HTML.

This occurs in the alert box stating that "Assigning hosts to ... will also update ... to include all the resources that the selected hosts are currently using."

This may permit a stored XSS attack if an organization with HTML in its name was added, then a user was directed to the specific URL of the wizard. However there are no direct links back to the wizard, so ordinarily this would only affect the user who created the org/location.

Affects Foreman 1.1 and higher.

Reported by Sanket Jagtap to .

Actions #1

Updated by Dominic Cleal over 7 years ago

  • Subject changed from Organization/location wizard may run stored XSS through alert to CVE-2016-8634 - Organization/location wizard may run stored XSS through alert
Actions #2

Updated by Tomer Brisker over 7 years ago

  • Status changed from New to Assigned
  • Assignee set to Tomer Brisker
Actions #3

Updated by The Foreman Bot over 7 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3996 added
Actions #4

Updated by Anonymous over 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions

Also available in: Atom PDF