[OSSA 2012-004] XSS vulnerability in Horizon log viewer

OpenStack Security Advisory: 2012-004
CVE: 2012-2094
Date: April 17, 2012
Title: XSS vulnerability in Horizon log viewer
Impact: High
Reporter: Matthias Weckbecker <mweckbecker@xxxxxxx>
Products: Horizon
Affects: All versions

Description:
Matthias Weckbecker reported a vulnerability in Horizon. He noted that
the log viewer's refresh mechanism does not escape the data fetched
from guest consoles. As a result, HTML containing JavaScript in console
output is interpreted as such by the browser, allowing code to be
injected into a dashboard session.
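
The following is an added example, not Horizon's code or the fix linked
below: it contrasts the vulnerable pattern the advisory describes (console
text concatenated straight into the log viewer's HTML) with the escaped
form, and includes the two checks a reviewer would want, that no foreign
markup survives and that escaping loses none of the console text. The
function names, the `<pre id="console-log">` wrapper and the sample console
lines are all constructed for this illustration.

```python
"""Added example (not Horizon's code): escaping guest console output
before it is placed into the dashboard's log-viewer HTML.

Assumptions (constructed for this example): the function names, the
<pre id="console-log"> wrapper and SAMPLE_CONSOLE_OUTPUT are not taken
from Horizon or from the advisory.
"""
import html
import re

# Constructed sample of what a guest console might return. A guest is
# untrusted input: whoever can write to the instance's console can put
# arbitrary bytes here, including markup.
SAMPLE_CONSOLE_OUTPUT = (
    "[    0.000000] Linux version 3.2.0 (buildd@host)\n"
    "login: <script>alert('xss')</script>\n"
    'root@vm:~# echo "done" & exit\n'
)

WRAPPER_OPEN = '<pre id="console-log">'   # constructed wrapper element
WRAPPER_CLOSE = "</pre>"


def render_log_vulnerable(console_output: str) -> str:
    """Vulnerable pattern: raw console text is concatenated into HTML.
    A browser parses the <script> element in the sample and runs it."""
    return WRAPPER_OPEN + console_output + WRAPPER_CLOSE


def render_log_escaped(console_output: str) -> str:
    """Hardened pattern: escape the five HTML-significant characters
    (& < > " ') so the browser shows them as literal text instead of
    parsing them as markup."""
    return WRAPPER_OPEN + html.escape(console_output, quote=True) + WRAPPER_CLOSE


# Any tag other than the <pre> wrapper we add ourselves.
FOREIGN_TAG_RE = re.compile(r"<(?!/?pre\b)[^>]*>")


def contains_foreign_markup(rendered_html: str) -> bool:
    """Review/unit-test check: does the rendered fragment carry any
    element besides the wrapper? True means console data reached the
    page unescaped."""
    return FOREIGN_TAG_RE.search(rendered_html) is not None


def escaped_body_round_trips(console_output: str) -> bool:
    """Escaping must be lossless: unescaping the rendered body gives the
    original text back, so operators still see the exact console output."""
    rendered = render_log_escaped(console_output)
    body = rendered[len(WRAPPER_OPEN):-len(WRAPPER_CLOSE)]
    return html.unescape(body) == console_output


if __name__ == "__main__":
    print("vulnerable :", contains_foreign_markup(render_log_vulnerable(SAMPLE_CONSOLE_OUTPUT)))
    print("escaped    :", contains_foreign_markup(render_log_escaped(SAMPLE_CONSOLE_OUTPUT)))
    print("lossless   :", escaped_body_round_trips(SAMPLE_CONSOLE_OUTPUT))
```

The escaping has to happen at the point where console text meets the
page. Server-side, Django's template auto-escaping covers `{{ var }}` but
not values passed through `mark_safe` or `|safe`; client-side, a refresh
handler that assigns fetched text via `innerHTML` (or jQuery's `.html()`)
re-introduces the problem, whereas `textContent` (`.text()`) inserts the
data as literal text. A check like `contains_foreign_markup` on the
rendered fragment is a cheap regression test for either path.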

Fixes:
  Folsom: https://review.openstack.org/#/c/6618/
  2012.1: https://review.openstack.org/#/c/6621/

References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-2094
  https://bugs.launchpad.net/horizon/+bug/977944

-- 
Russell Bryant
OpenStack Vulnerability Management Team
