Bug 1315398 - (CVE-2016-2144) Sat5: XSS in uset details
Sat5: XSS in uset details
Status: CLOSED DUPLICATE of bug 1181472
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20160207,repor...
: Security
Depends On: 1181152
Blocks: 1305684
  Show dependency treegraph
 
Reported: 2016-03-07 11:11 EST by Kurt Seifried
Modified: 2016-11-08 10:56 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-03-08 11:34:09 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kurt Seifried 2016-03-07 11:11:11 EST
Jan Hutař of Red Hat reports a XSS vulnerability in the handling of the users first and last name within the Web UI.

External reference:
spacewalk git dd418384171473c3e31386a1b4792f8c555dc744
spacewalk git f3792c79c1c251a49cc4e382be8591636326a794
Comment 1 Kurt Seifried 2016-03-07 11:11:21 EST
Acknowledgments:

Name: Jan Hutař (Red Hat)
Comment 2 Kurt Seifried 2016-03-08 11:34:09 EST

*** This bug has been marked as a duplicate of bug 1181472 ***
Comment 3 Adam Mariš 2016-03-09 10:47:20 EST
CVE-2016-2144 was rejected. Reason: Duplicate of CVE-2015-0284

Note You need to log in before you can comment on or make changes to this bug.