Skip to main content

39.3.1

This release fixes several security relevant issues in the (old) Rucio Web UI:

  • Advisory: GHSA-38wq-6q2w-hcf9: Username Enumeration via Login Error Message in Rucio WebUI
  • Advisory: GHSA-h79m-5jjm-jm4q: Reflected Cross-Site Scripting (XSS) in Rucio WebUI
  • Advisory: GHSA-fq4f-4738-rqxm: Stored Cross-Site Scripting (XSS) in Custom RSE Attribute of Rucio WebUI
  • Advisory: GHSA-rwj9-7j48-9f7q: Stored Cross-Site Scripting (XSS) in Custom Rule Function of Rucio WebUI
  • Advisory: GHSA-8wpv-6x3f-3rm5: Stored Cross-Site Scripting (XSS) in Identity Name of Rucio WebUI
  • Advisory: GHSA-h9fp-p2p9-873q: Stored Cross-Site Scripting (XSS) in RSE Metadata of Rucio WebUI