Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-25329

Ambari breadcrumbs xss vulnerability

    XMLWordPrintableJSON

    Details

      Description

      Special characters should be encoded when displayed in Ambari Views.

      If special characters are not encoded, then scripts (<script>alert("xss!")</script>) may be executed due to user input. For example, issues may occur by placing special character in the Display Name field of an Ambari View.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                aantonenko Antonenko Alexander
                Reporter:
                aantonenko Antonenko Alexander
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h