Uploaded image for project: 'OCMUI - OpenShift Cluster Manager UI'
  1. OCMUI - OpenShift Cluster Manager UI
  2. OCMUI-1550

CVE-2016-3709 libxml2: Incorrect server side include parsing can lead to XSS [services-openshift-cluster-manager-default]

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • OCM Core Sprint 251

      Security Tracking Issue

      Do not make this issue public.

      Impact: Moderate
      Reported Date: 01-Aug-2022
      Resolve Bug By: 28-Jan-2023

      In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug.

      Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9RBqB

      Flaw:

      CVE-2016-3709 libxml: Incorrect server side include parsing can lead to XSS
      https://bugzilla.redhat.com/show_bug.cgi?id=2112766

      Possible cross-site scripting vulnerability in libxml after commit 960f0e2.

      https://mail.gnome.org/archives/xml/2018-January/msg00010.html

            rh-ee-egilman Liza Gilman
            rhn-support-mjuneau Matthew Juneau
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: