Comment 4 for bug 1667086
Revision history for this message
| Morgan Fainberg (mdrnstm) wrote Re: XSS in federation mappings UI | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
While the scope of this is pretty narrow (the cloud admin needs to create a malicious mapping, and iirc only a cloud admin can see this), meaning it is not a practical exploit, it is likely a "Class A" vulnerability that will need to be fixed in all supported branches[1]. I am looking at this as a "Class A" because if a malicious mapping rule is created, it could result in actual exploitation of the XSS bug.
Horizon-Coresec, please confirm the affected versions and let me know if you concur with my assessment. If it is deemed to be completely impractical to exploit by the horizon coresec team, it could be classified as a "C1"[1].
Once the assessment is confirmed, we can continue with the process. I agree the fix is extremely simple (as indicated in #3).
[1] https:/