In OpenStack Horizon component it was observed that the application is taking input from the URL and reflecting it into the webpage
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Dashboard (Horizon) | Fix Released | Undecided | Ivan Kolodyazhny |
OpenStack Security Advisory | Won't Fix | Undecided | Unassigned |
Bug Description
Impact:
An attacker can use a text injection vulnerability to present a customized message on the application that can phish users into believing that the message is legitimate. The intent is typically to trick victims, although sometimes the actual purpose may be to simply misrepresent the organization or an individual. This attack is typically used as, or in conjunction with, social engineering because the attack is exploiting a code-based vulnerability and a user's trust.
Recommendation:
It is recommended not to take user input and reflect it to the webpage via a parameter. It would be a better option if these contents can be hardcoded into the codebase.
Affected Parameter:
csrf_failure
POC:
Navigate to https:/
The malicious content will get injected into the web page.
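As an added illustration of the recommendation above (example code, not Horizon's own), the two render functions below contrast reflecting the `csrf_failure` parameter into the page with using it only to select a hardcoded message. Escaping alone stops script injection but not text injection: an attacker-chosen sentence still appears verbatim, which is what the phishing scenario relies on.

```python
import html

# Hardcoded messages; the query parameter may only select one of these keys.
# Keys and wording are constructed for this example, not Horizon's.
CSRF_FAILURE_MESSAGES = {
    "expired": "Your session has expired. Please log in again.",
    "missing": "The form was submitted without a security token. Please try again.",
}
DEFAULT_MESSAGE = "Your request failed a security check. Please try again."


def render_reflected(csrf_failure: str) -> str:
    """Vulnerable pattern: the parameter value is written into the page.

    html.escape neutralises markup, so this is not XSS, but whatever text the
    URL carries is shown to the user as if the application had said it.
    """
    return f'<p class="error">{html.escape(csrf_failure)}</p>'


def render_allowlisted(csrf_failure: str) -> str:
    """Mitigated pattern: the parameter is a lookup key, never page content.

    Unknown or attacker-supplied values fall back to a fixed default, so no
    URL-controlled text ever reaches the page.
    """
    message = CSRF_FAILURE_MESSAGES.get(csrf_failure, DEFAULT_MESSAGE)
    return f'<p class="error">{html.escape(message)}</p>'


def page_contains_untrusted_text(rendered: str, untrusted: str) -> bool:
    """Simple check a reviewer can apply: does any URL-supplied text survive?"""
    return html.escape(untrusted) in rendered


if __name__ == "__main__":
    # Constructed attacker-controlled value, as it would arrive via ?csrf_failure=
    injected = "CONSTRUCTED attacker-chosen sentence"
    print(render_reflected(injected))     # shows the injected sentence
    print(render_allowlisted(injected))   # shows only DEFAULT_MESSAGE
    print(render_allowlisted("expired"))  # shows the hardcoded 'expired' text
```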
Changed in horizon:
assignee: nobody → Ivan Kolodyazhny (e0ne)
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.