⚲

Project

General

Profile

Sign in
Register

Home
Projects
Help

Search:

Rudder

Rudder

Overview
Activity
Roadmap
Issues
Repository

Custom queries

8.1 beta
Bugs triage
CS - by priority
CS - to review
My TR
Need technical review
Open bugs (all)
Open bugs (UI - UX)
Open UX defects (all)
Opened by users

Actions

Bug #21442

closed

Various XSS vulnerabilities in the interface

Added by Alexis Mousset over 2 years ago. Updated over 1 year ago.

Status:

Resolved

Priority:

N/A

Assignee:

François ARMAND

Category:

Security

Target version:

Pull Request:

Severity:

Critical - prevents main use of Rudder | no workaround | data loss | security

UX impact:

User visibility:

Effort required:

Priority:

0

Name check:

To do

Fix check:

To do

Regression:

No

Description

With information from nodes:

When running a remote run from the interface the output is not escaped
In node details, the software tab information are not escaped
In all nodes list (Nodes, Groups pages, etc.), the OS column is not escaped

(the last too are also visible for pending nodes so it can be trigerred from anyone in the allowed networks.

and with lower impact (potential privilege escalation inside Rudder):

tags in rules and directives, when hovering the tag in the lists (directives and rules pages)
api accounts details when hovering

Files

Download all files

Screenshot from 2022-07-20 17-23-25.png (47.6 KB) Screenshot from 2022-07-20 17-23-25.png		Alexis Mousset, 2022-07-20 17:23
injection.json (662 Bytes) injection.json		Nicolas CHARLES, 2022-07-20 17:28

Subtasks 17 (0 open — 17 closed)

	Bug #21443: Vulnerability in elm virtual-dom	Released	François ARMAND				Actions
	Bug #21450: Vulnerability in elm virtual-dom - 7.0	Released	François ARMAND				Actions
	Bug #21453: Vulnerability in elm virtual-dom - 7.1	Released	François ARMAND				Actions
	Bug #21455: Vulnerability in elm virtual-dom - 7.2	Released	François ARMAND				Actions
	Rudder plugins - Bug #21456: Vulnerability in elm virtual-dom - 7.2 - plugins	Rejected					Actions
	Bug #21449: Software inventory name and version XSS	Released	Alexis Mousset				Actions
	Bug #21452: XSS in node list columns value in 6.2	Released	Alexis Mousset				Actions
	Bug #21457: XSS in remote-run	Released	Alexis Mousset				Actions
	Bug #21461: parent tiket broken the ouput	Released	François ARMAND				Actions
	Bug #21458: JS escape in tags	Released	Alexis Mousset				Actions
	Bug #21462: xss in tags tooltips	Released	Nicolas CHARLES				Actions
	Bug #21467: parent ticket didn't solve the issue in 7.0: tags are not safe in rule page (tree, rule & and directive tags in rule details)	Rejected					Actions
	Bug #21468: XSS in API account description	Released	François ARMAND				Actions
	Bug #21469: XSS in API directive tags in rules page	Released	François ARMAND				Actions
	Bug #21474: CSS for tags is broken	Released	Alexis Mousset				Actions
	Bug #21471: XSS in node details tooltip and node column title in 7.0	Released	Alexis Mousset				Actions
	Bug #21473: Machine ID style is broken by parent	Released	Alexis Mousset				Actions

Related issues 1 (0 open — 1 closed)

Related to Rudder - Bug #19456: Lack of HTML escaping in nodes list

Released

Nicolas CHARLES

Issue # Delay: days Cancel

History
Property changes

Actions

#1

Updated by Alexis Mousset over 2 years ago

File Screenshot from 2022-07-20 17-23-25.png Screenshot from 2022-07-20 17-23-25.png added

Actions

#2

Updated by Nicolas CHARLES over 2 years ago

File injection.json injection.json added

Actions

#3

Updated by Alexis Mousset over 2 years ago

Subject changed from Remote run output displays allows JS injections to Various XSS vulnerabilities in the interface

Actions

#4

Updated by Alexis Mousset over 2 years ago

Description updated (diff)

Actions

#5

Updated by Alexis Mousset over 2 years ago

Subtask #21443 added

Actions

#6

Updated by François ARMAND over 2 years ago

Status changed from New to In progress
Assignee set to François ARMAND

Actions

#7

Updated by François ARMAND over 2 years ago

Related to Bug #19456: Lack of HTML escaping in nodes list added

Actions

#8

Updated by Alexis Mousset over 2 years ago

Description updated (diff)

Actions

#9

Updated by François ARMAND over 2 years ago

Subtask #21449 added

Actions

#10

Updated by François ARMAND over 2 years ago

Subtask #21452 added

Actions

#11

Updated by François ARMAND over 2 years ago

Subtask #21457 added

Actions

#12

Updated by François ARMAND over 2 years ago

Subtask #21458 added

Actions

#13

Updated by Nicolas CHARLES over 2 years ago

Subtask #21462 added

Actions

#14

Updated by Alexis Mousset over 2 years ago

Subtask #21468 added

Actions

#15

Updated by François ARMAND over 2 years ago

Subtask #21471 added

Actions

#16

Updated by Alexis Mousset over 2 years ago

Subtask #21469 added

Actions

#17

Updated by Alexis Mousset almost 2 years ago

Status changed from In progress to Resolved
Regression set to No

Actions

#18

Updated by Alexis Mousset over 1 year ago

Target version changed from old 6.1 issues to relocate to 6.1.21

Actions

#19

Updated by Alexis Mousset over 1 year ago

Private changed from Yes to No

Actions

Also available in: Atom PDF

Powered by Redmine © 2006-2024 Jean-Philippe Lang

Loading...