Red Hat Bugzilla – Bug 1313517
(CVE-2016-2103) Satellite 5: multiple XSS vulnerabilities
Last modified: 2016-04-04 11:37:08 EDT
+++ This bug was initially created as a clone of Bug #1305681 +++
Multiple XSS vulnerabilities have been reported in Satellite 5:
/rhn/systems/PhysicalList.do list_1680466951_oldfilterval (Parameter)
/rhn/systems/VirtualSystemsList.do VirtualSystemsList.do (Page)
--- Additional comment from Grant Gainey on 2016-02-15 16:09:25 EST ---
List-tag parameters and pagination - I believe we can fix these all at once with code in ListDisplayTag
Kurt - Do we have a specific reproducer for VirtualSystemList? So far I haven't been able to force a problem.
--- Additional comment from Grant Gainey on 2016-02-16 17:00:42 EST ---
Teaching ListTagHelper.getFilterValue() to htmlEscape results fixes the problem for all places where we use ListTag.
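As an added illustration of the fix described in the comment above (HTML-escaping the filter value before the list tag writes it back into the page), not Satellite's or Spacewalk's own code: a hypothetical FilterValueHelper that shows the reflected value beside its escaped form. The class and method names, the parameter name list_oldfilterval and the sample value are assumptions constructed for this example.

```java
import java.util.HashMap;
import java.util.Map;

/** Hypothetical stand-in for a list-tag helper; not Spacewalk's ListTagHelper. */
public class FilterValueHelper {

    /** Vulnerable form: returns the request parameter unchanged, so whatever
     *  the caller writes into the page is attacker-controlled markup. */
    public static String getFilterValueUnsafe(Map<String, String> params, String paramName) {
        String v = params.get(paramName);
        return v == null ? "" : v;
    }

    /** Hardened form: HTML-escape at the point where the value leaves the helper,
     *  so every list tag that calls it is fixed at once. */
    public static String getFilterValue(Map<String, String> params, String paramName) {
        String v = params.get(paramName);
        return v == null ? "" : htmlEscape(v);
    }

    /** Escapes the characters that matter in HTML text and attribute context. */
    static String htmlEscape(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Renders the filter input the way a list tag would, given an already-fetched value. */
    static String renderFilterInput(String name, String value) {
        return "<input type=\"text\" name=\"" + name + "\" value=\"" + value + "\">";
    }

    public static void main(String[] args) {
        // Constructed sample: a previous-filter value carrying markup, as it could
        // arrive in the query string of a list page.
        Map<String, String> params = new HashMap<>();
        params.put("list_oldfilterval", "\"><b>x</b>");

        // Unescaped: the quote closes the value attribute early and the tag is rendered.
        System.out.println(renderFilterInput("list_oldfilterval",
                getFilterValueUnsafe(params, "list_oldfilterval")));

        // Escaped: the whole value stays inside the attribute as literal text.
        System.out.println(renderFilterInput("list_oldfilterval",
                getFilterValue(params, "list_oldfilterval")));
    }
}
```

Escaping in the shared accessor rather than in each JSP is what makes a single change cover every ListTag page; the check to keep in mind is that the escaping matches the output context (here an attribute value), and that no caller unescapes or re-parses the returned string.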
--- Additional comment from Kurt Seifried on 2016-02-20 22:37:17 EST ---
(In reply to Grant Gainey from comment #2)
> List-tag parameters and pagination - I believe we can fix these all at once
> with code in ListDisplayTag
> Kurt - Do we have a specific reproducer for VirtualSystemList? So far I
> haven't been able to force a problem.
I don't have anything more than what I put in this bug unfortunately.
Interestingly-subtle side-effect of AlphaBar handling
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
For information on the advisory, and where to find the updated files, follow the link below.
If the solution does not work for you, open a new bug report.