Bug #4456
Updated by Dominic Cleal almost 11 years ago
*PRIVATE, EMBARGOED BUG: CVE-2014-0089* awaiting CVE reference* Description Any user who has a privilege to add bookmarks could exploit the cross site scripting vulnerability to expose other users' personal data by storing malicious scripts when adding bookmark. As the script is permanently stored, every time others access /bookmarks to view the bookmarks, they will be affected. Severity: High Affected URLs http://$foreman/bookmarks Steps Add a bookmark with some script code(e.g. <script>alert('xss')</script>) set as its bookmark name Access /bookmarks to view bookmarks Result The script will be executed. Remedy advice User inputs such as special characters must be validated, filtered or encoded before being returned as part of the HTML code of a page. Reference CWE-931 - http://cwe.mitre.org/data/definitions/931.html