Title: Unchecked user input in Swift XML
Reporter: Alex Gaynor (Rackspace)
Products: Swift
Affects: All versions
Description:
Alex Gaynor withRackspace reported a vulnerability in the
AccountController class' GET method within the Swift account.server
module. By including unescaped quotes within data passed to the
account variable, unparsable or arbitrary XML can be included.
Proposed impact description...
Title: Unchecked user input in Swift XML
Reporter: Alex Gaynor (Rackspace)
Products: Swift
Affects: All versions
Description:
Alex Gaynor withRackspace reported a vulnerability in the
AccountController class' GET method within the Swift account.server
module. By including unescaped quotes within data passed to the
account variable, unparsable or arbitrary XML can be included.