Date: Wed, 9 Dec 2015 16:12:01 +0000
From: Dominic Cleal <dominic@...al.org>
To: oss-security@...ts.openwall.com
Cc: foreman-security@...glegroups.com
Subject: CVE-2015-7518: Foreman stored XSS in parameter information popup

CVE-2015-7518: Foreman is affected by a stored XSS vulnerability in
parameter information popups in the web UI.

Extra information stored on parameters inherited by hosts in Foreman
is shown in the web UI, in a popup for users.  The user-editable parts
of this information, such as a description, matcher and source name
can allow stored HTML/JS to be evaluated when a user opens the
information popup for a parameter.

Thanks to Tomer Brisker for reporting it to the foreman-security team,
and for fixing the issue.

Affects: at least Foreman 1.2.0 and higher (all modern versions)
Fix to be released in Foreman 1.10.0

Patch:
https://github.com/theforeman/foreman/commit/32468bce938067b1bbde1c2025771b5b83ce88ec

More information:
http://theforeman.org/security.html#2015-7518
http://projects.theforeman.org/issues/12611
http://theforeman.org/

-- 
Dominic Cleal
dominic@...al.org
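An added example (not Foreman's code) of the pattern the advisory describes: a parameter popup built from the user-editable description, matcher and source fields, in its unescaped form beside the hardened form that HTML-escapes every stored field, plus a check a reviewer can run over the rendered fragment to spot stored markup that survived. The hash layout, helper names and the sample parameter are constructed assumptions.

```ruby
require 'erb'

# Constructed sample parameter; the description and source fields carry
# markup the way a careless or hostile editor could have stored them.
SAMPLE_PARAM = {
  name:        'ntp_server',
  value:       'ntp.example.com',
  description: 'Primary NTP <script>alert(1)</script>',
  matcher:     'fqdn=web01.example.com',
  source:      'Host group <b>prod</b>'
}.freeze

# Vulnerable pattern (hypothetical, not Foreman's code): stored fields are
# interpolated straight into the popup markup and later rendered as HTML.
def popup_html_unescaped(param)
  "<p><strong>#{param[:name]}</strong> = #{param[:value]}</p>" \
  "<p>#{param[:description]}</p>" \
  "<p>Source: #{param[:source]} (matcher: #{param[:matcher]})</p>"
end

# Hardened form: every user-controlled field is HTML-escaped before it is
# concatenated, so stored tags reach the browser only as text.
def popup_html(param)
  h = ->(s) { ERB::Util.html_escape(s.to_s) }
  "<p><strong>#{h[param[:name]]}</strong> = #{h[param[:value]]}</p>" \
  "<p>#{h[param[:description]]}</p>" \
  "<p>Source: #{h[param[:source]]} (matcher: #{h[param[:matcher]]})</p>"
end

# Review check: true when the fragment contains any element the template
# itself does not emit (it only emits <p> and <strong>) or an inline
# event-handler attribute, i.e. markup that must have come from stored data.
def unexpected_markup?(html)
  tags = html.scan(%r{<\s*/?\s*([a-z][a-z0-9]*)}i).flatten.map(&:downcase).uniq
  (tags - %w[p strong]).any? || html.match?(/\son[a-z]+\s*=/i)
end

if __FILE__ == $PROGRAM_NAME
  puts "unescaped flagged: #{unexpected_markup?(popup_html_unescaped(SAMPLE_PARAM))}"
  puts "escaped flagged:   #{unexpected_markup?(popup_html(SAMPLE_PARAM))}"
  puts popup_html(SAMPLE_PARAM)
end
```

The same check applies to any server-side fragment that a client-side popover later inserts as HTML; escaping at the point of concatenation is what makes the popup safe regardless of how the client renders it.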