Public bug reported: Description =========== Using webinspect scan nova api, we get Critical Security Vulnerabilities. Could give us some advices, thanks
Expected result =============== No Security Vulnerabilities Actual result ============= Critical Cross-Site Scripting: Reflected https://10.43.210.23:8774/v2.1/1423ea90d84442908ddd08ed8130da7f/servers/%3c%61%20%48%72%45%66%3d%56%62%53%63%52%69%50%74%3a%4d%73%67%42%6f%78%28%31%37%37%38%33%29%3e ** Affects: nova Importance: Undecided Status: New ** Description changed: Description =========== - Using webinspect scan nova api, we get Critical Security Vulnerabilities. + Using webinspect scan nova api, we get Critical Security Vulnerabilities. Could give us some advices, thanks Expected result =============== No Security Vulnerabilities Actual result ============= Critical Cross-Site Scripting: Reflected https://10.43.210.23:8774/v2.1/1423ea90d84442908ddd08ed8130da7f/servers/%3c%61%20%48%72%45%66%3d%56%62%53%63%52%69%50%74%3a%4d%73%67%42%6f%78%28%31%37%37%38%33%29%3e -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1851132 Title: Nova api Cross-Site Scripting Reflected Status in OpenStack Compute (nova): New Bug description: Description =========== Using webinspect scan nova api, we get Critical Security Vulnerabilities. Could give us some advices, thanks Expected result =============== No Security Vulnerabilities Actual result ============= Critical Cross-Site Scripting: Reflected https://10.43.210.23:8774/v2.1/1423ea90d84442908ddd08ed8130da7f/servers/%3c%61%20%48%72%45%66%3d%56%62%53%63%52%69%50%74%3a%4d%73%67%42%6f%78%28%31%37%37%38%33%29%3e To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1851132/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
