Comment 1 for bug 1586136

Draft:

Title: RCE vulnerability in Openstack Murano using insecure YAML tags
Reporter: Kirill Zaitsev
Products: OpenStack Murano
Affects: >=2014.2

Description:
Kirill Zaitsev from Mirantis reported a vulnerability in OpenStack Murano applications processing. Using extended YAML tags in Murano application YAML files, an attacker can perform a Remote Code Execution attack.
All setups of Murano are affected.