Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2017-1002152: JavaScript injection via Bugzilla ticket subjects #1740

Closed
bowlofeggs opened this issue Aug 10, 2017 · 1 comment · Fixed by #1755
Closed

CVE-2017-1002152: JavaScript injection via Bugzilla ticket subjects #1740

bowlofeggs opened this issue Aug 10, 2017 · 1 comment · Fixed by #1755
Assignees
Labels
bugzilla Issues related to Bodhi's integration with Bugzilla EasyFix These are good issues to get started with if you are new to the project High priority These issues are higher priority than normal WebUI Issues pertaining to Bodhi's web interface

Comments

@bowlofeggs
Copy link
Member

Marcel reported that it is possible to inject JavaScript into Bodhi's web interface through Bugzilla ticket subjects. The reporter cited an update that did not properly escape tags from the bug it was associated with.

We should run the bugzilla text through bleach, similar to what we do for comments from our users.

@bowlofeggs bowlofeggs added bugzilla Issues related to Bodhi's integration with Bugzilla EasyFix These are good issues to get started with if you are new to the project High priority These issues are higher priority than normal WebUI Issues pertaining to Bodhi's web interface labels Aug 10, 2017
@bowlofeggs bowlofeggs self-assigned this Aug 15, 2017
bowlofeggs added a commit to bowlofeggs/bodhi that referenced this issue Aug 15, 2017
fixes fedora-infra#1740

Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
bowlofeggs added a commit to bowlofeggs/bodhi that referenced this issue Aug 15, 2017
fixes fedora-infra#1740

Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
bowlofeggs added a commit that referenced this issue Aug 15, 2017
fixes #1740

Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
bowlofeggs added a commit that referenced this issue Aug 15, 2017
fixes #1740

Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
@bowlofeggs
Copy link
Member Author

The fix for this has been cherry picked to the 2.9 branch as 2a3b06b and will be released in 2.9.1.

jeremycline pushed a commit that referenced this issue Aug 16, 2017
fixes #1740

Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bugzilla Issues related to Bodhi's integration with Bugzilla EasyFix These are good issues to get started with if you are new to the project High priority These issues are higher priority than normal WebUI Issues pertaining to Bodhi's web interface
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant