Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 17 Jun 2016 14:23:34 +0000
From: Tristan Cacqueray <tdecacqu@...hat.com>
To: oss-security@...ts.openwall.com
Subject: [OSSA-2016-010] XSS in Horizon client side template (CVE-2016-4428)

==================================================
OSSA-2016-010: XSS in Horizon client side template
==================================================

:Date: June 15, 2016
:CVE: CVE-2016-4428


Affects
~~~~~~~
- Horizon: <=8.0.1, >=9.0.0 <=9.0.1


Description
~~~~~~~~~~~
Beth Lancaster and Brandon Sawyers from Virginia Tech reported a
vulnerability in Horizon. By injecting Angularjs template in dashboard
forms, such as image's description, an authenticated user may trigger
a cross-site-scripting vulnerability when another user browses the
affected pages. It may result in potential assets theft like user
access credentials. All Horizon setups are affected.


Patches
~~~~~~~
- https://review.openstack.org/329997 (Liberty)
- https://review.openstack.org/329996 (Mitaka)
- https://review.openstack.org/329998 (Newton)


Credits
~~~~~~~
- Beth Lancaster from Virginia Tech (CVE-2016-4428)
- Brandon Sawyers from Virginia Tech (CVE-2016-4428)


References
~~~~~~~~~~
- https://bugs.launchpad.net/bugs/1567673
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428

--
Tristan Cacqueray
OpenStack Vulnerability Management Team


Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ