oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request Openstack-infra puppet-gerrit module xss vulnerability

From: cve-assign () mitre org
Date: Wed, 22 Jun 2016 07:02:00 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


It was recently discovered that our puppet-gerrit module configures
Gerrit in a way which makes it vulnerable to a XSS attack. This stems
from our configuration marking text/html as a 'safe' mimetype

a user could
potentially craft a review which when visited at the proper url would
have access to the account information of any user visiting that url.

https://review.openstack.org/#/c/332219/
http://git.openstack.org/cgit/openstack-infra/puppet-gerrit/commit/?id=8573c2ee172f66c1667de49685c88fdc8883ca8b



-[mimetype "text/html"]
-        safe = true


Use CVE-2016-5737.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXam9xAAoJEHb/MwWLVhi2BAIP/A/nVfFm9lCU2/r5Hn7/CHJ3
eZkfmbMZU6+GDNx6xp+5ZIu2OOWbEwmCh1daXxCu1z3YSVv/tq06nw5TZ57pufd/
K1vSdwwm54U1hdT8O/+TGV7tREVfyJMLncVIxwtctHOsnsODOQFCln89fpLYzObH
HOBOqii6TCqeyCyatjBsKRzIZz4Gy0FN+j3htWR6Ws+TDEujK/yjm/KeLak4QKp8
ZpVjxq3Cc9HmdQjnTR14uMNr1gcEhvKW9yBjzERarJ7/vzoNQLfLzmVLAnqP7xQK
vixrgxrD8UNU15frbFfxJ2EQk9wP3j8tXYag8XlAWkjbr++2Fy5EuN68lSqxqfnC
cgVFvTjyO7ValKzkuCPUBiBEo0e2lvspxZaEIxrqC7VvXWdtuuqftDjOiZ6KI2xN
R0LpyPylYho5n1lMLI6iZv5XUNpdTkLHLhjAMAZ5oLqqVcoGEeg8orvoC25GZIZg
+BAmu4k8mhs9oDlFVzXyk4Xpt/E8PBqYcUpfIFGzPYI6N5UUGN1tJ1doj5UXzJ04
opmmz2X859F8JjXLPutxWxJzVIwo1gS+HTNMEzyvOBgaSTB/6dD4+tGy538AH4Zt
jtkhEMH8WiYp8hOJ4ShiVBYBkldfOv9ScQoD70UtndKbjJnY4tEutPajqrb09dvX
tPrQg6mNSnadZYUBFGHA
=OuaR
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: