Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <576407E6.6000706@redhat.com>
Date: Fri, 17 Jun 2016 14:23:34 +0000
From: Tristan Cacqueray <tdecacqu@...hat.com>
To: oss-security@...ts.openwall.com
Subject: [OSSA-2016-010] XSS in Horizon client side template (CVE-2016-4428)

==================================================
OSSA-2016-010: XSS in Horizon client side template
==================================================

:Date: June 15, 2016
:CVE: CVE-2016-4428


Affects
~~~~~~~
- Horizon: <=8.0.1, >=9.0.0 <=9.0.1


Description
~~~~~~~~~~~
Beth Lancaster and Brandon Sawyers from Virginia Tech reported a
vulnerability in Horizon. By injecting Angularjs template in dashboard
forms, such as image's description, an authenticated user may trigger
a cross-site-scripting vulnerability when another user browses the
affected pages. It may result in potential assets theft like user
access credentials. All Horizon setups are affected.


Patches
~~~~~~~
- https://review.openstack.org/329997 (Liberty)
- https://review.openstack.org/329996 (Mitaka)
- https://review.openstack.org/329998 (Newton)


Credits
~~~~~~~
- Beth Lancaster from Virginia Tech (CVE-2016-4428)
- Brandon Sawyers from Virginia Tech (CVE-2016-4428)


References
~~~~~~~~~~
- https://bugs.launchpad.net/bugs/1567673
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4428

--
Tristan Cacqueray
OpenStack Vulnerability Management Team


Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.