oss-sec mailing list archives
Re: CVE request: XSS flaws fixed in ganglia
From: Salvatore Bonaccorso <carnil () debian org>
Date: Thu, 21 Feb 2013 12:48:11 +0100
Hi Raphael On Thu, Feb 21, 2013 at 11:47:10AM +0100, Raphael Geissert wrote:
Hi, On 8 February 2013 19:06, Vincent Danen <vdanen () redhat com> wrote:A number of XSS issues were fixed in ganglia's web ui: https://github.com/ganglia/ganglia-web/commit/31d348947419058c43b8dfcd062e2988abd5058eI've a hunch that there are a few issues with the changes. A quick look at the patch shows that the change here breaks the preg_replace call: - $query_string = preg_replace("/(&trendhistory=)(\d+)/", "", $query_string); + $query_string = preg_replace("/(&trendhistory=)(\d+)/", "", htmlspecialchars($query_string, ENT_QUOTES) ); It looks as if the htmlspecialchars call was misplaced. Not that it is a security issue, but it's a bug. Can anyone forward this upstream? I will try to take a look at the rest of the patch later.
Done as issue #157 for ganglia-web[1]. [1]: https://github.com/ganglia/ganglia-web/issues/157 Regards, Salvatore
Current thread:
- CVE request: XSS flaws fixed in ganglia Vincent Danen (Feb 08)
- Re: CVE request: XSS flaws fixed in ganglia Kurt Seifried (Feb 08)
- Re: CVE request: XSS flaws fixed in ganglia Raphael Geissert (Feb 21)
- Re: CVE request: XSS flaws fixed in ganglia Salvatore Bonaccorso (Feb 21)
- Re: CVE request: XSS flaws fixed in ganglia Raphael Geissert (Feb 21)
- Re: CVE request: XSS flaws fixed in ganglia Kurt Seifried (Feb 26)
- Re: CVE request: XSS flaws fixed in ganglia Raphael Geissert (Mar 20)