yahoo-eng-team team mailing list archive

[Bug 1892848] Re: XSS in adding JavaScript into the ‘Subnet Name’ field

This report seems very similar to
https://security.openstack.org/ossa/OSSA-2014-023.html (CVE-2014-3474),
which was fixed in Horizon's Juno release (2014.2) and backported to
Icehouse (in 2014.1.2), and Havana (in 2013.2.4). Without a clear
statement of which version the reporter found this in, and with no
reproduction steps provided, I'm going to assume this is a duplicate of
bug 1322197 and mark it as such. We can split the bugs again if the
reporter or someone else comes along with more actionable information.

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3474

** Changed in: ossa
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1892848

Title:
  XSS in adding JavaScript into the ‘Subnet Name’ field

Status in OpenStack Dashboard (Horizon):
  Incomplete
Status in OpenStack Security Advisory:
  Incomplete

Bug description:
  While testing v3.10 for a client, I found that there was Persistent
  XSS.

  This was performed by creating a network and then entering JavaScript
  into the subnet name. The user would then have to attach the network
  interface with the JavaScript present to an instance. After this, when
  a user created a network bridge, the JavaScript would run.

  I only had one account when performing this test but believe it would
  run when other users were logged in using the same instance and
  network interface.

  -----------------------------------
  Release: 0.0.1.dev215 on 2020-06-16 21:33:43
  SHA: fbfe127c87f2e860efa7806eb9f6d6847d56ba07
  Source: https://opendev.org/openstack/ossa/src/doc/source/ossa/OSSA-2014-023.rst
  URL: https://security.openstack.org/ossa/OSSA-2014-023.html
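The bug class described in the report above (a user-controlled subnet name concatenated straight into the topology view's markup) next to its fix, as an added example that is not Horizon's own code; the function names, the tag-counting check and the sample subnet are assumptions constructed for illustration:

```javascript
// Added example (not Horizon's code): rendering a user-controlled subnet
// name into a network-topology label. The "unsafe" variant reproduces the
// bug class (raw string concatenation into HTML); the "safe" variant
// escapes the name so the browser shows it as text. Names are assumed.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters that can change HTML structure or attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Bug class: the subnet name goes straight into markup, so any tags it
// contains become part of the DOM when the topology view is drawn.
function renderSubnetLabelUnsafe(subnet) {
  return '<div class="subnet">' + subnet.name + ' (' + subnet.cidr + ')</div>';
}

// Fix: every user-controlled field is escaped before concatenation.
function renderSubnetLabelSafe(subnet) {
  return '<div class="subnet">' + escapeHtml(subnet.name) +
         ' (' + escapeHtml(subnet.cidr) + ')</div>';
}

// Defender-side check: count opening tags in the rendered fragment.
// A correct renderer yields exactly the one wrapper element no matter
// what the name holds; anything more means the name was interpreted as markup.
function countTags(html) {
  return (html.match(/<[a-zA-Z][^>]*>/g) || []).length;
}

// Constructed sample resembling the report: a subnet whose name carries markup.
const SAMPLE_SUBNET = { name: 'lab-<script>x()</script>', cidr: '10.0.0.0/24' };

function demo() {
  return {
    unsafeTags: countTags(renderSubnetLabelUnsafe(SAMPLE_SUBNET)), // 2: div + script
    safeTags: countTags(renderSubnetLabelSafe(SAMPLE_SUBNET)),     // 1: div only
    safeHtml: renderSubnetLabelSafe(SAMPLE_SUBNET),
  };
}
```

The same check can be pointed at any other template helper that builds HTML from Neutron object names; Horizon's Django templates autoescape by default, so the risky spots are the hand-built strings in client-side JavaScript.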

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1892848/+subscriptions