On 2017-11-17 08:22:31 + (+), TommyLike Hu wrote:
> Recently when we integrating and testing OpenStack services. We
> found there is a potential script injection issue that some of our
> services accept the input with special character [1] [2], for
> instance we can create an instance or a
Hey all,
Recently when we integrating and testing OpenStack services. We found
there is a potential script injection issue that some of our services
accept the input with special character [1] [2], for instance we can create
an instance or a volume with the name of 'script inside'.
One of the