List:       oss-security
Subject:    Re: [oss-security] CVE Request --  Review Board: Stored XSS due improper sanitization of user's full
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2013-06-24 15:38:16
Message-ID: 51C867E8.6000301 () redhat ! com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/24/2013 08:46 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
> A persistent / stored cross-site scripting (XSS) flaw was found in
> the way the reviews dropdown of Review Board, a web-based code review
> tool, performed sanitization of certain user information (full
> name). A remote attacker could provide a specially-crafted URL
> that, when visited, would lead to arbitrary HTML or web script
> execution in the context of the Review Board user's session.
> 
> References: [1]
> http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.10/ 
> [2]
> http://www.reviewboard.org/docs/releasenotes/reviewboard/1.6.17/ 
> [3]
> http://www.reviewboard.org/news/2013/06/22/review-board-1617-and-1710-released/
> [4] https://bugzilla.redhat.com/show_bug.cgi?id=977423
> 
> Upstream patch: [5]
> https://github.com/reviewboard/reviewboard/commit/4aaacbb1e628a80803ba1a55703db38fccdf7dbf
> Upstream acknowledges Craig Young at Tripwire as the original
> issue reporter.
> 
> Can you allocate a CVE identifier for this?
> 
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team
> 

Please use CVE-2013-2209 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRyGfoAAoJEBYNRVNeJnmTB8sQANp8mi2I7PKBGxCpb4PSWsDR
QP04iByU0D0xlGZbgGn7SJwws31n3uvWeDUYSTuG0Kvaqyi64rLcmRb2gN3onqzo
eO0+RYQryDl59mjUsIftUjyjL+DJ9fXLs37Zlfb9i0Q1tOCTBKd311vwLXqi+PSl
mQck+lADiac1njdcIx9xTr4Zufg3oJyw9P9QpkC3zAd3WbAQM/S3E7yBNCZLVoBf
LEO8Il/UTo8OoWKcQ+eSSlE2YNwz0ZULrti6iAkK5WClFdmGcg8fHuFokFn2On/+
IVaJYOZk9rhXR+KlPSSDtMf90026gYMP2fb7TpzsNOJYzxj4eERrEW+rFUgVMIMM
+gUbo9p1ML0zSnfBRx9gZPOQ+F2/hQcfbWu2MncqBK3ApvnvPPZgUR3jhNCfu6IQ
Y/j9cU9HK0/EOpIvze/986mMHDu7DBOt61Q3tC72jHx4bP9xnVxqI4LWobqb6GLP
xYlH3QFP+SKpxNA7KWuDQsLSUXU5pEz/lkFi1bcDL7l4rZ326KDTBUsBpG7cOdP5
J5REuW/lubaMrgTTiWS4erBGZhE5T5Und3j9Hh/vyHyJxml9WlEjsrltK6elh37R
RQymb/QLhN29CKZcBJbQlf2cQIS9k13C+WwIlceBxgy0oIe0H6mxp6OqLneCu87w
Dq0IYynHAU/we26y43LG
=F+nO
-----END PGP SIGNATURE-----
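The flaw class discussed above, stored XSS from a user-controlled profile field (the full name) reaching a rendered dropdown unescaped, is illustrated below with an added example. This is not Review Board's code or the upstream patch; the `User` dataclass, the dropdown markup, and the sample profiles are assumptions constructed for the demonstration. It places the flawed rendering beside the escaped one and adds a small parser-based regression check that reports any element or event-handler attribute a template emitted beyond the ones it is supposed to.

```python
import html
from dataclasses import dataclass
from html.parser import HTMLParser


@dataclass(frozen=True)
class User:
    """Hypothetical user record; only the two fields the dropdown shows."""
    username: str
    full_name: str


# Constructed sample data (not taken from the advisory or from Review Board):
# one benign profile and one whose stored full name carries markup, the value
# class the advisory describes.
SAMPLE_USERS = [
    User("alice", "Alice Example"),
    User("mallory", "Mallory <script>alert(1)</script>"),
]


def render_dropdown_unsafe(users):
    """The flawed shape: the stored full name is interpolated into the option
    text without escaping, so markup in it is rendered rather than displayed."""
    items = "".join(
        f'<option value="{u.username}">{u.full_name}</option>' for u in users
    )
    return f'<select name="reviewer">{items}</select>'


def render_dropdown_escaped(users):
    """Hardened shape: every user-controlled field is HTML-escaped for the
    context it lands in. quote=True also neutralises quotes inside the
    attribute value, which html.escape's default already does."""
    items = "".join(
        f'<option value="{html.escape(u.username, quote=True)}">'
        f"{html.escape(u.full_name)}</option>"
        for u in users
    )
    return f'<select name="reviewer">{items}</select>'


class _TagCollector(HTMLParser):
    """Records element names and on* attributes that reached tag position,
    i.e. markup a browser would interpret rather than show as text."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.handlers = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers.extend(name for name, _ in attrs if name.startswith("on"))


def active_markup(fragment, expected=("select", "option")):
    """Return the sorted element names and event-handler attribute names found in
    a rendered fragment beyond those the template itself emits. A non-empty result
    means user data reached tag position: a cheap regression check for any
    template that displays profile fields."""
    parser = _TagCollector()
    parser.feed(fragment)
    parser.close()
    return sorted((set(parser.tags) - set(expected)) | set(parser.handlers))


def contains_markup(value):
    """Triage aid for already-stored profile fields: flags values holding
    HTML-significant characters. Escaping on output remains the actual fix."""
    return any(c in value for c in "<>\"'&")


if __name__ == "__main__":
    print(active_markup(render_dropdown_unsafe(SAMPLE_USERS)))
    print(active_markup(render_dropdown_escaped(SAMPLE_USERS)))
    for u in SAMPLE_USERS:
        print(u.username, "needs review" if contains_markup(u.full_name) else "ok")
```

Running the script reports `['script']` for the unescaped rendering and `[]` for the escaped one, which is the property a template test for this regression should assert; the `contains_markup` scan is only useful for finding existing stored values worth inspecting, since escaping on output is what actually closes the flaw.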