A flaw was found in the pki-kra package. A cross-site scripting issue in the key recovery feature of the pki agent can be used to execute JavaScript on the key recovery page.
Acknowledgments: Name: Pritam Singh (Red Hat)
Statement: This vulnerability is rated Low: the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.
Do you know if this was reported in the upstream issue tracker and there is a fix?
(In reply to Salvatore Bonaccorso from comment #6)
> Do you know if this was reported in the upstream issue tracker and there is
> a fix?
Hi Cedric, can you help with this?
Pedro, Salvatore, Upstream Dogtag developer here. There is currently no upstream tracker. When one is created, I'll post it here. Thanks, Alex
Any update on this one? I haven't seen it upstream or NVD.
(In reply to Nicholas Luedtke from comment #12)
> Any update on this one? I haven't seen it upstream or NVD.
The upstream fix has been pushed: https://github.com/dogtagpki/pki/commit/b3514113c867c9394dd84e313c55dc66f3e846b6
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-1721
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4847 https://access.redhat.com/errata/RHSA-2020:4847
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Extended Update Support Via RHSA-2021:0819 https://access.redhat.com/errata/RHSA-2021:0819
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:0851 https://access.redhat.com/errata/RHSA-2021:0851
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Extended Update Support Via RHSA-2021:0975 https://access.redhat.com/errata/RHSA-2021:0975