Project

General

Profile

Bug #4456

Updated by Dominic Cleal about 10 years ago

*PRIVATE, EMBARGOED BUG: CVE-2014-0089* awaiting CVE reference* 

 Description 
 Any user who has a privilege to add bookmarks could exploit the cross site scripting vulnerability to expose other users' personal data by storing malicious scripts when adding bookmark. As the script is permanently stored, every time others access /bookmarks to view the bookmarks, they will be affected. 

 Severity: High 

 Affected URLs 
 http://$foreman/bookmarks 

 Steps 
 Add a bookmark with some script code(e.g. <script>alert('xss')</script>) set as its bookmark name 
 Access /bookmarks to view bookmarks 

 Result 
 The script will be executed. 

 Remedy advice 
 User inputs such as special characters must be validated, filtered or encoded before being returned as part of the HTML code of a page. 

 Reference 
 CWE-931 - http://cwe.mitre.org/data/definitions/931.html

Back