Bug #25169
closed
CVE-2018-14664 - Persisted XSS on all pages that use breadcrumbs
Added by Marek Hulán about 6 years ago.
Updated about 6 years ago.
Description
If a user has permission to edit a resource whose attribute is used in the breadcrumbs bar, that attribute is not properly escaped, allowing an attacker to store code that will be executed on the client side. E.g. create a domain with the name test.<b>com</b>, then go to its edit form. Note that the breadcrumb did not escape the HTML code.
This was introduced in 1.18.
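The pattern behind this bug, as an added example that is not Foreman's code and does not reproduce its React breadcrumb: a plain string renderer that interpolates the resource name raw, next to a hardened version that HTML-escapes every breadcrumb item. The domain name, the item list and the helper names are constructed for the illustration.

```javascript
// Constructed sample input: the domain name from the bug report.
const DOMAIN_NAME = 'test.<b>com</b>';
const BREADCRUMB_ITEMS = [
  { title: 'Domains', url: '/domains' },
  { title: DOMAIN_NAME, url: '/domains/1/edit' },
];

// Escape the five characters that can break out of text or attribute
// context. Every user-controlled value must pass through this before it is
// concatenated into markup.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable rendering (hypothetical): the title is interpolated as-is, so
// any markup stored in the resource name becomes part of the page.
function renderBreadcrumbUnsafe(items) {
  const lis = items.map((i) => `<li><a href="${i.url}">${i.title}</a></li>`);
  return `<ol class="breadcrumb">${lis.join('')}</ol>`;
}

// Hardened rendering: title and URL are escaped, so the same stored name is
// shown literally as "test.<b>com</b>" and no tag is created.
function renderBreadcrumbSafe(items) {
  const lis = items.map(
    (i) => `<li><a href="${escapeHtml(i.url)}">${escapeHtml(i.title)}</a></li>`,
  );
  return `<ol class="breadcrumb">${lis.join('')}</ol>`;
}

// Detection helper for a unit test: true when a tag taken from a stored
// title survives unescaped in the rendered markup.
function leaksRawTag(html, title) {
  const tags = title.match(/<[^>]+>/g) || [];
  return tags.some((tag) => html.includes(tag));
}
```

A regression test for a breadcrumb component can store a name like the one above and assert `leaksRawTag(rendered, name)` is false.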
- Related to Feature #22855: Add redux container for breadcrumb switcher added
- Assignee set to Amir Fefer
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/6132 added
- Bugzilla link set to 1638130
- Subject changed from Persisted XSS on all pages that use breadcrumbs to CVE-2018-14664 - Persisted XSS on all pages that use breadcrumbs
- Fixed in Releases 1.18.3, 1.19.1, 1.20.0 added
- Status changed from Ready For Testing to Closed
- Related to Bug #25503: Breadcrumb show allow truncation with full title in tooltip on mouse hover added
- Bugzilla link changed from 1638130 to 1652999
- Related to Bug #26822: Create host in breadcrumbs in host detail page after creating a host added