Vulnerabilities

CVE-2016-5737

by Fred · 12/01/2017

The Gerrit configuration in the Openstack Puppet module for Gerrit (aka puppet-gerrit) improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a crafted review.

Date published : 2017-01-12

http://www.securityfocus.com/bid/91352

https://github.com/openstack-infra/puppet-gerrit/commit/8573c2ee172f66c1667de49685c88fdc8883ca8b

Similar

Tags: Cybersecurity Alert