Comment 5 for bug 1667086
Revision history for this message
| Rob Cresswell (robcresswell-deactivatedaccount) wrote Re: XSS in federation mappings UI | #5 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
The scope is very narrow here. The mappings list is admin only by default, so in most situations I would imagine this could only be implemented by admins and only affect other admins. It could be used maliciously, but frankly I'd imagine if an admin wanted to break something in your cloud, there are easier ways.
That said, the fix is so trivial that I'm happy to backport to all supported releases. Thoughts?