CVE-2014-7850
Published: 28 November 2014
Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.
Notes
Author | Note |
---|---|
ebarretto | FreeIPA 4.x issue, marking Trusty as not affected |
Priority
Status
Package | Release | Status |
---|---|---|
freeipa Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(4.1.4-1)
|
bionic |
Not vulnerable
(4.1.4-1)
|
|
cosmic |
Not vulnerable
(4.1.4-1)
|
|
lucid |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
trusty |
Not vulnerable
|
|
upstream |
Released
(4.1.2)
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Not vulnerable
(4.1.4-1)
|
|
xenial |
Not vulnerable
(4.1.4-1)
|
|
yakkety |
Not vulnerable
(4.1.4-1)
|
|
zesty |
Not vulnerable
(4.1.4-1)
|