Project

General

Profile

Bug #666

XSS vulnerability

Added by Petr Sklenar over 8 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

version of foreman:

commit 80e0157cc452feee0855a64c15391c55ac75610e
Author: Paul Kelly <pikelly@blueyonder.co.uk>
Date:   Sun Feb 13 09:12:39 2011 +0100

    Fixes #623 - incomplete multiple builds commit

    Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

steps to reproduce:
1. try to save search as : <script>alert('Vulnerable');</script>
and script is run

expected results:
no XSS

Associated revisions

Revision faf1e8d0 (diff)
Added by Ohad Levy over 8 years ago

fixes #666 - XSS vulnerability

History

#1 Updated by Ohad Levy over 8 years ago

  • Target version set to 0.2

#2 Updated by Ohad Levy over 8 years ago

  • Status changed from New to Ready For Testing
  • % Done changed from 0 to 100

#3 Updated by Ohad Levy over 8 years ago

  • Status changed from Ready For Testing to Closed

#4 Updated by The Foreman Bot over 3 years ago

  • Description updated (diff)
  • Pull request https://github.com/theforeman/foreman/pull/3338 added

#5 Updated by Ohad Levy over 3 years ago

  • Pull request deleted (https://github.com/theforeman/foreman/pull/3338)

Also available in: Atom PDF