Date: Fri, 17 Jun 2016 14:23:34 +0000 From: Tristan Cacqueray <tdecacqu@...hat.com> To: oss-security@...ts.openwall.com Subject: [OSSA-2016-010] XSS in Horizon client side template (CVE-2016-4428) ================================================== OSSA-2016-010: XSS in Horizon client side template ================================================== :Date: June 15, 2016 :CVE: CVE-2016-4428 Affects ~~~~~~~ - Horizon: <=8.0.1, >=9.0.0 <=9.0.1 Description ~~~~~~~~~~~ Beth Lancaster and Brandon Sawyers from Virginia Tech reported a vulnerability in Horizon. By injecting Angularjs template in dashboard forms, such as image's description, an authenticated user may trigger a cross-site-scripting vulnerability when another user browses the affected pages. It may result in potential assets theft like user access credentials. All Horizon setups are affected. Patches ~~~~~~~ - https://review.openstack.org/329997 (Liberty) - https://review.openstack.org/329996 (Mitaka) - https://review.openstack.org/329998 (Newton) Credits ~~~~~~~ - Beth Lancaster from Virginia Tech (CVE-2016-4428) - Brandon Sawyers from Virginia Tech (CVE-2016-4428) References ~~~~~~~~~~ - https://bugs.launchpad.net/bugs/1567673 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428 -- Tristan Cacqueray OpenStack Vulnerability Management Team Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.