yahoo-eng-team team mailing list archive
Message #86791
[Bug 1892848] Re: XSS in adding JavaScript into the ‘Subnet Name’ field
Actually, when starting to mark this as a duplicate, I noticed that
there was another report set as a duplicate of this one in Private
Security state. Because it was set as a duplicate it didn't show up in
our usual queries and so we missed switching it to Public Security when
its embargo was set to expire in January.
Vishal: can you have a quick look at bug 1900872 and see if the
screenshot examples there provide sufficient context to reproduce the
behavior and/or identify potentially affected versions?
** Changed in: ossa
Status: Invalid => Incomplete
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1892848
Title:
XSS in adding JavaScript into the ‘Subnet Name’ field
Status in OpenStack Dashboard (Horizon):
Incomplete
Status in OpenStack Security Advisory:
Incomplete
Bug description:
While testing v3.10 for a client, I found that there was Persistent
XSS.
This was performed by creating a network and then entering javascript
into the subnet name. The user would then have to attach the network
interface with the javascript present to an instance. After this when
a user created a network bridge then the javascript would run.
I only had one account when performing this test but believe it would
run when other users were logged in using the same instance and
network interface.
-----------------------------------
Release: 0.0.1.dev215 on 2020-06-16 21:33:43
SHA: fbfe127c87f2e860efa7806eb9f6d6847d56ba07
Source: https://opendev.org/openstack/ossa/src/doc/source/ossa/OSSA-2014-023.rst
URL: https://security.openstack.org/ossa/OSSA-2014-023.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1892848/+subscriptions
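The report above describes a stored (persistent) XSS: text typed into the subnet name is saved and later rendered as HTML in another view. The following is an added example, not code from the bug report or from Horizon itself, showing the defensive pattern in plain Python: the unsafe string concatenation that reproduces the class of defect, the output-encoded rendering that neutralizes it, and a small audit helper that flags already-stored names containing tag-like or event-handler-like text so they can be reviewed. The sample names (`BENIGN_NAME`, `MARKUP_NAME`) and all function names are constructed for illustration and are not values from the page.

```python
import html
import re

# Constructed sample subnet names for the example. MARKUP_NAME is an
# illustrative placeholder carrying markup of the kind the report describes,
# not the reporter's actual input.
BENIGN_NAME = "subnet-prod-01"
MARKUP_NAME = '<script>alert("stored xss")</script>'


def render_unsafe(subnet_name: str) -> str:
    """Vulnerable pattern: user-controlled text is concatenated straight into
    HTML, so any markup stored in the name is interpreted by the browser."""
    return f'<td class="subnet-name">{subnet_name}</td>'


def render_escaped(subnet_name: str) -> str:
    """Hardened pattern: encode for the HTML text context at output time.
    html.escape turns <, >, &, and quotes into entities, so the stored value
    is displayed literally rather than parsed as markup."""
    return f'<td class="subnet-name">{html.escape(subnet_name, quote=True)}</td>'


def render_attribute_escaped(subnet_name: str) -> str:
    """Attribute context: always quote the attribute and escape quotes too,
    otherwise a name containing a quote can break out of the attribute."""
    safe = html.escape(subnet_name, quote=True)
    return f'<a href="#" title="{safe}">{safe}</a>'


# Heuristic used only for auditing stored data: tag openers, inline event
# handler attributes, and javascript: URLs. It is a review aid, not a filter;
# the real fix is output encoding in every rendering context.
_MARKUP_RE = re.compile(r"<\s*/?\s*[a-zA-Z!]|on[a-z]+\s*=|javascript\s*:", re.IGNORECASE)


def contains_markup(value: str) -> bool:
    """Return True when a stored name looks like it carries HTML or script."""
    return bool(_MARKUP_RE.search(value))


def audit_subnet_names(names):
    """Return the subset of stored names that deserve a manual look."""
    return [n for n in names if contains_markup(n)]


if __name__ == "__main__":
    for name in (BENIGN_NAME, MARKUP_NAME):
        print("unsafe:  ", render_unsafe(name))
        print("escaped: ", render_escaped(name))
    print("flagged: ", audit_subnet_names([BENIGN_NAME, MARKUP_NAME]))
```

Escaping is applied at render time rather than on input because the same stored name may be emitted into different contexts (table cell, attribute, JSON consumed by a JavaScript front end), each with its own encoding rules; the audit helper is there to find what was stored before the fix, not to replace encoding.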