A vulnerability, reflected cross site scripting in getcookies?url= endpoint in CA was reported in pki-core
Acknowledgments: Name: Pritam Singh (Red Hat)
Statement: This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.
Created pki-core tracking bugs for this issue: Affects: fedora-all [bug 1798039]
Do you know if this was reported in the upstream issue tracker and there is a fix?
Upstream is aware. There is currently no fix. I will check for upstream issue tracker. However, the security consequences are very limited. e.g. : Thanks to the webUI using client side TLS authentication, stealing a cookie will not be of much use to the attacker. At the moment, the only concern is about defacing. If/when there is a fix upstream, it will be posted on this bug tracker. I hope this helps!
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-10221
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4847 https://access.redhat.com/errata/RHSA-2020:4847
Upstream fix: https://github.com/dogtagpki/pki/commit/56b8375e6e02d69df427c768e2e792c4bca4b089
*** Bug 1902050 has been marked as a duplicate of this bug. ***
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Extended Update Support Via RHSA-2021:0819 https://access.redhat.com/errata/RHSA-2021:0819
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:0851 https://access.redhat.com/errata/RHSA-2021:0851
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Extended Update Support Via RHSA-2021:0975 https://access.redhat.com/errata/RHSA-2021:0975