Cross Site Scripting Possibility
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Poppy |
Fix Released
|
High
|
Amit Gandhi |
Bug Description
Many fields of the API accept inputs commonly used in XSS attacks. This can create a vulnerability within any consuming UI.
All user input should be validated for its expected type, range, format and length.
Fields affected:
name:
domains: domain
origins: origin
caching: name
caching: rules: request_url
caching: rules: name
EXAMPLE:
1. REQUEST (caching: name):
POST /v1.0/services HTTP/1.1
{"domains": [{"domain": "mywebsite.com"}], "caching": [{"name": "default", "ttl": 3600}, {"rules": [{"request_url": "/index.htm", "name": "index"}], "name": "<SCRIPT SRC=http://
3. REQUEST:
GET /v1.0/services/
4. RESPONSE:
HTTP/1.1 200 OK
{"name": "shortname", "domains": [{"domain": "mywebsite.com", "protocol": "http"}], "origins": [{"origin": "mywebsite1.com", "port": 443, "ssl": false, "rules": []}], "restrictions": [], "caching": [{"name": "default", "ttl": 3600}, {"name": "<SCRIPT SRC=http://
Changed in poppy: | |
status: | Fix Committed → Fix Released |
Fixed by https:/ /review. openstack. org/#/c/ 145028/