[CKAN-Security] XSS for multiple sites
David Read
david.read at hackneyworkshop.com
Thu Sep 14 12:52:41 UTC 2017
To: CKAN Security list,
I got alerted to this report of XSS on a number of CKAN sites:
https://www.openbugbounty.org/reports/294186/
I don't know the details of the specific problem, but I'm asking via
my contacts.
The CKAN versions on the list seems pretty broad and include the latest e.g.
CKAN 2.2.4 https://data.england.nhs.uk/api/util/status
CKAN 2.6.2 https://www.opendatani.gov.uk/api/util/status
David
More information about the Security
mailing list