Bug 1159053

Summary: Potential XSS problems in spacewalk-java
Product: [Community] Spacewalk Reporter: Stephen Herr <sherr>
Component: ServerAssignee: Michael Mráka <mmraka>
Status: CLOSED CURRENTRELEASE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.2   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: spacewalk-java-2.2.125-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-31 12:49:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1207293    

Description Stephen Herr 2014-10-30 19:05:36 UTC 
Description of problem:
There were two potential Cross-Site Scripting problems in spacewalk-java that would allow an authenticated user to run arbitrary javascript.

One was a Stored XSS flaw related to Kickstart Snippets.

The other was a Reflected XSS flaw related to list sorting attributes.

See https://access.redhat.com/security/cve/CVE-2014-3654 for more details.
Comment 1 Stephen Herr 2014-10-30 19:09:55 UTC 
Committing to Spacewalk master:
3f09a66059315894bae4ae4675ff51fe569b874e

Cherry-picking to Spacewalk 2.2:
Comment 2 Stephen Herr 2014-10-30 19:10:18 UTC 
Cherry-picking to Spacewalk 2.2:
5f2ce5937e3b89ea06b7f6e4fa1aaeb4695df249