Project

General

Profile

Actions
Copy link

Bug #666

closed

XSS vulnerability

Added by Petr Sklenar almost 14 years ago. Updated almost 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ohad Levy
Category:
Web Interface
Target version:
0.2
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

version of foreman:

commit 80e0157cc452feee0855a64c15391c55ac75610e
Author: Paul Kelly <pikelly@blueyonder.co.uk>
Date:   Sun Feb 13 09:12:39 2011 +0100

    Fixes #623 - incomplete multiple builds commit

    Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

steps to reproduce:
1. try to save search as : <script>alert('Vulnerable');</script>
and script is run

expected results:
no XSS

Actions
Copy link
 #1

Updated by Ohad Levy almost 14 years ago

  • Target version set to 0.2
Actions
Copy link
 #2

Updated by Ohad Levy almost 14 years ago

  • Status changed from New to Ready For Testing
  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Ohad Levy almost 14 years ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link
 #4

Updated by The Foreman Bot almost 9 years ago

  • Description updated (diff)
  • Pull request https://github.com/theforeman/foreman/pull/3338 added
Actions
Copy link
 #5

Updated by Ohad Levy almost 9 years ago

  • Pull request deleted (https://github.com/theforeman/foreman/pull/3338)
Actions
Copy link

Also available in: Atom PDF