Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 21 Sep 2015 11:18:33 +0100
From: Dominic Cleal <dominic@...al.org>
To: oss-security@...ts.openwall.com
Cc: foreman-security@...glegroups.com
Subject: CVE-2015-5282: Foreman stored XSS in parameter hide checkbox

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2015-5282: Foreman is affected by a stored XSS vulnerability in
its parameter key/value web UI.

A checkbox exists to hide the values of parameters stored in the
application to mask them from casual viewing.  When changing the
hide/show checkbox, the value is masked/unmasked in the UI, but the
parameter value was not properly escaped when updating the UI which
allowed stored HTML/JS etc. to be evaluated.

Affects: Foreman 1.7.0 or higher
Fix to be released in Foreman 1.10.0

Patch:
https://github.com/theforeman/foreman/commit/4f3555b217be8723e8045f9816d
147b5f684ec57

More information:
http://theforeman.org/security.html#2015-5282
http://projects.theforeman.org/issues/11859
http://theforeman.org/

- -- 
Dominic Cleal
dominic@...al.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlX/2XMACgkQfH0ybywrcsxlNACeJ/9XQm9eMcXf+xw3JFCSf5vY
VN0An1WwmASbhE0cci+no2LUO0fIpiOV
=V/Ke
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ