Back to bug 1305786
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Martin Prpič | 2016-02-09 08:59:43 UTC | Priority | unspecified | medium |
| Severity | unspecified | medium | ||
| Tomas Jelinek | 2016-02-09 09:10:15 UTC | Status | NEW | ASSIGNED |
| Radek Steiger | 2016-02-09 09:14:21 UTC | CC | rsteiger | |
| Tomas Jelinek | 2016-02-15 14:39:25 UTC | Status | ASSIGNED | POST |
| Doc Text | Cause: User enters username containing HTML code to login page and submits the login form. Consequence: Login page reloads showing an error message informing about unsuccessful login. HTML code in username is interpreted as part of the page. Fix: Properly sanitize username when rendering it in login page. Result: Username cannot be used for HTML injection anymore. |
|||
| Sat6QE Jenkins | 2016-03-28 20:15:54 UTC | Status | POST | MODIFIED |
| Mike McCune | 2016-03-28 23:40:50 UTC | Status | MODIFIED | POST |
| Ivan Devat | 2016-05-31 12:30:41 UTC | Status | POST | MODIFIED |
| Fixed In Version | pcs-0.9.151-1.el7 | |||
| errata-xmlrpc | 2016-05-31 13:23:34 UTC | Status | MODIFIED | ON_QA |
| Radek Steiger | 2016-09-12 12:47:03 UTC | Status | ON_QA | VERIFIED |
| errata-xmlrpc | 2016-11-02 14:36:22 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2016-11-03 20:57:15 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-11-03 16:57:15 UTC |
Back to bug 1305786