[AMBARI-24420] XSS in Ambari Add Host Wizard - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Critical
Resolution: Unresolved
Affects Version/s: 2.7.1
Fix Version/s: None
Component/s: ambari-client
Labels:
None

Description

It is possible for an attacker to steal information or access from users by executing malicious JavaScript. This is possible due to the use of a javascript "eval()" function when loading the SSH private key. Leveraging this any malicious data in any file uploaded, not just private keys, would execute. In the case of private keys, malicious script in the metadata of the key would execute. An attacker could directly scrap and information on the page, modify its appearance, or steal the users sessions information.

Repro:

https://xxxxx.azurehdinsight.net/#/main/host/add/step1

Attachments

Activity

People

Assignee:: Robert Levas

Reporter:: Julia Wang

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 08/Aug/18 01:45

Updated:: 10/Jan/19 17:38