Cross-site scripting vulnerability was found in pcs due to improper validation of Node name field when creating new cluster or adding existing cluster. Upstream fix : * web UI: fixed XSS vulnerability https://github.com/ClusterLabs/pcs/commit/1874a769b5720ae5430f10c6cedd234430bc703f
Acknowledgments: Name: Microsoft
Created pcs tracking bugs for this issue: Affects: fedora-all [bug 1434111]
Created attachment 1265070 [details] proposed fix