OpenSUSE open-build-service suffers from improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability
The information has been provided by Marcus Meissner
The original article can be found at:https://bugzilla.suse.com/show_bug.cgi?id=1171439
A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb.