Uploaded image for project: 'ONAP JIRA Security Issues'
  1. ONAP JIRA Security Issues
  2. OJSI-15

XSS vulnerabilities in ONAP Portal (CVE-2019-12317)

CloneClone+Clone++
    XMLWordPrintable

    Details

    • OJSI CVE:
      CVE-2019-12317
    • OJSI Impact Description:
      Hide

      Title: Number of XSS vulnerabilities in Portal

      Reporter: Jakub Botwicz from Samsung

      Products: Portal

      Affects: Dublin and earlier

      Description:

      Jakub Botwicz from Samsung reported a number of vulnerabilities in ONAP Portal. By providing a crafted user input, an attacker is able to execute a script with the rights of other user. All ONAP setups are affected.

      Show
      Title: Number of XSS vulnerabilities in Portal Reporter: Jakub Botwicz from Samsung Products: Portal Affects: Dublin and earlier Description: Jakub Botwicz from Samsung reported a number of vulnerabilities in ONAP Portal. By providing a crafted user input, an attacker is able to execute a script with the rights of other user. All ONAP setups are affected.
    • OJSI Grant Project Access:
      OJSI-PORTAL

      Description

      ONAP Portal don't validate user input and allows for XSS vulnerability
      in multiple places (URLs)

        Attachments

        # Subject Branch Project Status CR V

          Activity

            People

            Assignee:
            dmizyn Dominik Mizyn
            Reporter:
            Jakub.Botwicz Jakub Botwicz
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: