Bug 1007482 - CVE-2013-4181 ovirt-engine: RedirectServlet cross-site scripting flaw
Summary: CVE-2013-4181 ovirt-engine: RedirectServlet cross-site scripting flaw
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: oVirt
Classification: Retired
Component: ovirt-engine-core
Version: unspecified
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: ---
Assignee: Alexander Wels
QA Contact:
URL:
Whiteboard: ux
Depends On:
Blocks: CVE-2013-4181
TreeView+ depends on / blocked
 
Reported: 2013-09-12 14:53 UTC by Petr Matousek
Modified: 2013-09-23 07:26 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-09-23 07:26:39 UTC
oVirt Team: ---


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
oVirt gerrit 19152 None None None Never
oVirt gerrit 19153 None None None Never
oVirt gerrit 19155 None None None Never
oVirt gerrit 19156 None None None Never

Description Petr Matousek 2013-09-12 14:53:24 UTC
A cross-site scripting (XSS) flaw was found in the RedirectServlet of the oVirt Engine. A remote attacker could provide a specially-crafted link, that when visited by an unsuspecting oVirt user would lead to arbitrary script execution in the context of the oVirt domain.  Access to the RedirectServer does not require authentication.

Comment 1 Itamar Heim 2013-09-15 07:42:56 UTC
einav - this gerrit ID is for master.
for bug to be ON_QA it should be in the 3.3 branch (and have a build with it?

Comment 2 Einav Cohen 2013-09-16 17:20:08 UTC
(In reply to Itamar Heim from comment #1)
> einav - this gerrit ID is for master.
> for bug to be ON_QA it should be in the 3.3 branch (and have a build with it?

I haven't actually put it on ON_QA, nevertheless:
- patch has been merged to every possible branch, not only "master" (will update the External Tracker shortly)
- http://lists.ovirt.org/pipermail/users/2013-September/016268.html (3.2 Async announcement)
- http://lists.ovirt.org/pipermail/users/2013-September/016269.html (3.3 announcement)

Comment 3 Itamar Heim 2013-09-23 07:26:39 UTC
closing as this should be in 3.3 (doing so in bulk, so may be incorrect)


Note You need to log in before you can comment on or make changes to this bug.