Bug 813391 (CVE-2012-2094) - CVE-2012-2094 python-django-horizon: XSS vulnerability in Horizon log viewer
Summary: CVE-2012-2094 python-django-horizon: XSS vulnerability in Horizon log viewer
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2012-2094
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 813453 856739
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-04-17 16:04 UTC by Pádraig Brady
Modified: 2019-09-29 12:52 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-09-12 17:38:41 UTC


Attachments (Terms of Use)
proposed fix (776 bytes, patch)
2012-04-17 16:04 UTC, Pádraig Brady
no flags Details | Diff

Description Pádraig Brady 2012-04-17 16:04:08 UTC
Created attachment 578085 [details]
proposed fix

This is an advance warning of a vulnerability discovered in OpenStack,
to give you, as downstream stakeholders, a chance to coordinate the
release of fixes and reduce the vulnerability window. Please treat the
following information as confidential until the proposed public
disclosure date.

Title: XSS vulnerability in Horizon log viewer
Impact: High
Reporter: J. Daniel Schmidt <jdsn@suse.de>
Products: Horizon
Affects: All versions

Description:
J. Daniel Schmidt reported a vulnerability in Horizon. He noted that
the log viewer refreshing mechanism does not escape the data fetched
from guest consoles. This means that HTML with Javascript code gets
interpreted as such, resulting in the ability to inject code into a
dashboard session.

Proposed public disclosure date/time:
Tuesday, April 17th, 1500UTC
Please do not make the issue public (or release public patches) before
this coordinated embargo date.

Comment 2 Pádraig Brady 2012-04-17 22:22:08 UTC
Yes F17 only. This can now be made public

Comment 4 Kurt Seifried 2012-09-12 17:38:29 UTC
Also fixed in F17:
https://bugzilla.redhat.com/show_bug.cgi?id=813453


Note You need to log in before you can comment on or make changes to this bug.