[dev.icinga.com #10453] Icinga Classic-UI 1.13.3 and older are vulnerable to XSS - CVE-2015-8010 #1563
Comments
Updated by ricardo on 2015-10-23 20:58:15 +00:00
Now fixed in "fix/xxs-vulnerability-in-classic-ui-10453"
Updated by ricardo on 2015-10-23 21:02:57 +00:00 Just sent out request for CVE. Will update this issue once CVE is assigned. Cheers
Updated by ricardo on 2015-10-23 21:28:59 +00:00
Updated by mfriedrich on 2015-10-26 08:04:42 +00:00 Please just merge it to master, you're responsible for Classic UI. I won't look into 1.x in detail, just one thing is missing for 1.14 - the IDO schema updates coming from 2.x
Updated by mfriedrich on 2015-10-26 08:18:45 +00:00
Updated by mfriedrich on 2015-10-26 08:19:27 +00:00 Please edit the issue's subject with the CVE number once assigned. Then we may generate the changelog from redmine issues accordingly.
Updated by ricardo on 2015-10-29 19:14:21 +00:00 Hi, still waiting for a CVE number to be assigned. Will update and merge as soon as I get one. Cheers
Updated by mfriedrich on 2015-10-29 21:31:06 +00:00 Seems it is there, go on please.
Updated by ricardo on 2015-10-30 20:09:53 +00:00
We got a CVE to track this issue. Now in current master.
Updated by ricardo on 2015-10-30 20:10:07 +00:00
Applied in changeset 31dd493.
Updated by mfriedrich on 2015-10-30 20:23:57 +00:00 Thanks. I'm planning to release 1.14 either before or after icinga2 v2.4 (ido schema compatibility). I'll talk to the web devs if they are ready as well.
Updated by ricardo on 2015-10-30 20:55:13 +00:00
And here a patch against 1.11.6 for the Debian folks. This should apply cleanly.
Updated by mfriedrich on 2015-10-30 22:14:06 +00:00
This issue has been migrated from Redmine: https://dev.icinga.com/issues/10453
Created by ricardo on 2015-10-23 20:24:35 +00:00
Assignee: ricardo
Status: Resolved (closed on 2015-10-30 20:10:07 +00:00)
Target Version: 1.14
Last Update: 2015-10-30 22:14:06 +00:00 (in Redmine)
Due to my bad programming skills I introduced an XSS vulnerability in Classic-UI with the CSV export link and pagination feature.
This got originally introduced with this issue https://dev.icinga.org/issues/593 and version 1.3.
Example: http://classic.demo.icinga.org/icinga/cgi-bin/status.cgi?host=all&'onmouseover='prompt(25435);'bad='
I already wrote a fix which just needs to be committed.
Hopefully this fix can make it into 1.14.0.
Thanks to T-Systems Germany for finding it.
Cheers
Ricardo
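The bug described in the report is an attribute-context injection: the CGI pastes the raw query string into the href of the CSV export link, so a quote in the query closes the attribute early. The C example below is added here and is not Icinga's code; it shows the vulnerable pattern beside an attribute-escaping fix, using the report's example query string as sample input. The helper names, the `status.cgi?...&csvoutput` link shape and the escaping rules are assumptions for this example, not Classic UI's own encoder.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Query string from the report, reused here as constructed sample input. */
static const char *SAMPLE_QUERY = "host=all&'onmouseover='prompt(25435);'bad='";

/* Escape for an HTML attribute value. Hypothetical helper for this example,
 * not Classic UI's own encoder. */
char *html_escape_attr(const char *in) {
    char *out = malloc(strlen(in) * 6 + 1); /* worst case: "&quot;" per byte */
    if (!out) return NULL;
    char *p = out;
    for (; *in; in++) {
        switch (*in) {
        case '&':  p += sprintf(p, "&amp;");  break;
        case '<':  p += sprintf(p, "&lt;");   break;
        case '>':  p += sprintf(p, "&gt;");   break;
        case '"':  p += sprintf(p, "&quot;"); break;
        case '\'': p += sprintf(p, "&#39;");  break;
        default:   *p++ = *in;
        }
    }
    *p = '\0';
    return out;
}
/* Vulnerable pattern: the raw query string lands inside the href. */
char *build_csv_link_unsafe(const char *qs) {
    char *out = malloc(strlen(qs) + 48);
    if (out) sprintf(out, "<a href='status.cgi?%s&csvoutput'>CSV</a>", qs);
    return out;
}
/* Hardened form: escape for the attribute context before inserting. */
char *build_csv_link_safe(const char *qs) {
    char *esc = html_escape_attr(qs);
    char *out = esc ? malloc(strlen(esc) + 48) : NULL;
    if (out) sprintf(out, "<a href='status.cgi?%s&amp;csvoutput'>CSV</a>", esc);
    free(esc);
    return out;
}
/* Build the link; 1 if the href value closes right before '>' (no breakout). */
int link_is_safe(char *(*build)(const char *), const char *qs) {
    char *html = build(qs);
    const char *start = html ? strstr(html, "href='") : NULL;
    const char *end = start ? strchr(start + 6, '\'') : NULL;
    int ok = end != NULL && end[1] == '>';
    free(html);
    return ok;
}
```

With the report's query string the unsafe builder lets the attribute close after `host=all&`, while the escaped builder keeps the whole string inside the quoted value as inert text.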
Attachments
Changesets
2015-10-23 20:26:12 +00:00 by ricardo 5c816f5
2015-10-30 20:05:17 +00:00 by ricardo 31dd493