You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2019/01/10 17:39:00 UTC

[jira] [Comment Edited] (AMBARI-24419) XSS attack in Ambari Config History

    [ https://issues.apache.org/jira/browse/AMBARI-24419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694707#comment-16694707 ] 

Robert Levas edited comment on AMBARI-24419 at 1/10/19 5:38 PM:
----------------------------------------------------------------

[~juliaw]...

Thanks for the report.  Can you email this to [security@apache.org|mailto:security@apache.org] and [private@ambari.apache.org|mailto:private@ambari.apache.org] with details on how to reproduce the issue.  Do not add these details here since we do not want such information out in the public until the vulnerability is fixed. 

 


was (Author: rlevas):
[~juliaw]...

Thanks for the report.  Can you email this to [security@apache.org|mailto:security@apache.org] and [private@ambari.apache.org|mailto:private@ambari.apache.org] with details on how to reproduce the issue.  Do not add these details here since we do not want suck information out in the public until the vulnerability is fixed. 

 

> XSS attack in Ambari Config History
> -----------------------------------
>
>                 Key: AMBARI-24419
>                 URL: https://issues.apache.org/jira/browse/AMBARI-24419
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-client
>    Affects Versions: 2.7.1
>            Reporter: Julia
>            Assignee: Robert Levas
>            Priority: Critical
>
> It is possible for an attacker to steal information or access from users by executing malicious JavaScript. This is possible due to the use of a javascript "eval()" function when loading the notes from config history change. Leveraging this one user could create a malicious history entry to steal access or information of another user. Upon viewing the malicious historical entry the victim would be comprimised by directly scraping any information on the page, modify its appearance, or having their session information stolen.
>  
>   !https://msdata.visualstudio.com/0cd33d4d-ce7c-416d-ab00-26e15edb66e6/_apis/wit/attachments/81b481b3-397c-442e-b0aa-199ff793a05d?fileName=attachfilehandler%20%283%29.png!
>  
>  
> fg
>  
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)