Bug #21471: XSS in node details tooltip and node column title in 7.0 - Rudder - Issue Tracker

Actions

Copy link

Bug #21471

closed

Bug #21442: Various XSS vulnerabilities in the interface

XSS in node details tooltip and node column title in 7.0

Added by François ARMAND over 2 years ago. Updated over 1 year ago.

Status:

Released

Priority:

N/A

Assignee:

Alexis Mousset

Category:

Security

Target version:

7.0.5

Pull Request:

https://github.com/Normation/rudder/p...

Severity:

UX impact:

User visibility:

Effort required:

Priority:

Name check:

To do

Fix check:

To do

Regression:

Description

Some more JS not escaped in rudder 7.0:

- column title
- node details info available in tooltip

Subtasks 1 (0 open — 1 closed)

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #21471

XSS in node details tooltip and node column title in 7.0

Updated by François ARMAND over 2 years ago

Updated by François ARMAND over 2 years ago

Updated by Anonymous over 2 years ago

Updated by Alexis Mousset over 2 years ago

Updated by Alexis Mousset over 2 years ago

Updated by Alexis Mousset over 2 years ago

Updated by Alexis Mousset over 1 year ago