yahoo-eng-team team mailing list archive

[Bug 1349491] Re: [OSSA 2014-027] Persistent XSS in the Host Aggregates interface (CVE-2014-3594)

** Changed in: horizon
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1349491

Title:
  [OSSA 2014-027] Persistent XSS in the Host Aggregates interface
  (CVE-2014-3594)

Status in OpenStack Dashboard (Horizon):
  Fix Released
Status in OpenStack Dashboard (Horizon) havana series:
  Fix Committed
Status in OpenStack Dashboard (Horizon) icehouse series:
  Fix Committed
Status in OpenStack Security Advisories:
  Fix Released

Bug description:
  Received 2014-07-28 18:08:47 +0200 via encrypted E-mail from "Dennis
  Felsch <dennis.felsch@xxxxxxxxxxxxxxxxxx>":

  Hi everyone,

  We spotted an issue with Horizon in OpenStack Icehouse and the current
  development version of Juno (older versions not tested):

  The interface for Host Aggregates is vulnerable to persistent XSS.

  Steps to reproduce the issue:

   * Log into Horizon as admin
   * Go to "Host Aggregates"
   * Create a new host aggregate
   * Enter some name and an availability zone like this: <svg onload=alert(1)>
   * Save
   * See alert pop up

  Because we are researchers, we are happy to help you, whenever we can.
  However, from the research point of view, it would be really nice to get
  some acknowledgment on your site about this issue. Is something
  like this possible?

  The people working on this are:
  Dennis Felsch (me), dennis.felsch@xxxxxxxxxxxxxxxxxx
  Mario Heiderich, mario.heiderich@xxxxxxxxx

  Please let me know if you need more info.

  Greetings,
  Dennis

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1349491/+subscriptions
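Added example, not part of the bug report or of Horizon's own code: it models the availability-zone cell of the host aggregates table rendered once by raw interpolation and once through HTML escaping, feeds both fragments to a parser, and checks whether the stored value from the report above is still interpreted as markup. The `render_az_cell_*` helpers and the use of the stdlib `html.escape` instead of Django's template autoescaping are assumptions so the script runs stand-alone.

```python
from html import escape
from html.parser import HTMLParser

# Constructed sample: the availability zone value from the bug report,
# as an admin would have stored it on a host aggregate.
STORED_AZ = "<svg onload=alert(1)>"


def render_az_cell_unescaped(az: str) -> str:
    """Vulnerable pattern: user-controlled text interpolated straight into HTML.

    Hypothetical stand-in for a template that marks the value safe or builds
    the cell by string concatenation; not Horizon's actual table code.
    """
    return "<td>%s</td>" % az


def render_az_cell_escaped(az: str) -> str:
    """Hardened pattern: escape the text before it enters the markup."""
    return "<td>%s</td>" % escape(az, quote=True)


class _TagCollector(HTMLParser):
    """Collects the start tags a browser-style parser sees in a fragment."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def injected_tags(fragment: str) -> list:
    """Return every start tag other than the expected <td> wrapper.

    A non-empty result means the stored value became markup (the XSS case).
    """
    parser = _TagCollector()
    parser.feed(fragment)
    parser.close()
    return [t for t in parser.tags if t[0] != "td"]


if __name__ == "__main__":
    for label, render in (("unescaped", render_az_cell_unescaped),
                          ("escaped", render_az_cell_escaped)):
        cell = render(STORED_AZ)
        print(label, cell, injected_tags(cell))
```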