Project

General

Profile

Actions
Copy link

Bug #22042

closed

CVE-2017-12175 - XSS in discovery rule filter autocomplete functionality

Added by Daniel Lobato Garcia over 6 years ago. Updated about 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Ido Kanner
Category:
Discovery plugin
Difficulty:
Triaged:
Bugzilla link:
1498976
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Jan Hutaƙ of Red Hat reports:

There is a XSS possible in discovery rule when you are entering filter and you use autocomplete functionality

Files

bug #22042 resolved.png View bug #22042 resolved.png 144 KB Ido Kanner, 04/17/2018 10:59 AM
Actions
Copy link
 #1

Updated by Daniel Lobato Garcia over 6 years ago

  • Subject changed from CVE-2017-12175 - XSS in discovery rule filter autocomplete functionality to CVE-2017-12175 - XSS in discovery rule filter autocomplete functionality
  • Category set to Discovery plugin
Actions
Copy link
 #2

Updated by Ido Kanner about 6 years ago

  • Assignee set to Ido Kanner
Actions
Copy link
 #3

Updated by Ido Kanner about 6 years ago

I have tested it, and it looks like it was resolved

Actions
Copy link
 #4

Updated by Lukas Zapletal about 6 years ago

Thanks, I wonder which core patch fixed this, we need to know.

Actions
Copy link

Also available in: Atom PDF