Bug #17641
closed
Markdown descriptions in directives and groups are evaluated, resulting in Javascript execution
Added by Nicolas CHARLES almost 4 years ago.
Updated 9 months ago.
Description
We can use markdown for Directives and Groups description, to have more friendly description
However, it's possible to put script with this markdown, that gets executed when displaying the group or directive details (and also in change request list)
This ticket fixes the issue by using the showdown xss filter to prevent evaluation of javascript in markdown
- Description updated (diff)
- Subject changed from description in directives are evaluated, and we can inject whatever we want to description in directives and groups are evaluated, and we can inject whatever we want
- Status changed from New to In progress
- Assignee set to Nicolas CHARLES
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder/pull/3060
- Status changed from Pending technical review to Pending release
- Subject changed from description in directives and groups are evaluated, and we can inject whatever we want to Markdown descriptions in directives and groups are evaluated, resulting in Javascript execution
- Description updated (diff)
This bug has been fixed in Rudder 6.0.7 and 6.1.1 which were released today.
- Status changed from Pending release to Released
- Private changed from Yes to No
Also available in: Atom
PDF
Updated by 
Updated by