OSA-2019-001: Number of XSS vulnerabilities in Portal
Portal: Dublin and earlier
Jakub Botwicz from Samsung reported a number of vulnerabilities in ONAP Portal. By providing a crafted user input, an attacker is able to execute a script with the rights of other user. All ONAP setups are affected.
The number of XSS vulnerabilities is very large and not all of them are fixed yet thus we don’t provide exact list of patches for this OSA.
Jakub Botwicz from Samsung