Our team would like to thank Fahimhusain Raydurg for responsibly disclosing
this vulnerability and Patrik Ragnarsson from CloudAMQP for contributing a fix.
Impact
When a federation link was displayed in the RabbitMQ management UI via the rabbitmq_federation_management plugin, its consumer tag was rendered into the page without proper sanitization of <script> tags, so a consumer tag containing markup could execute JavaScript in the context of the management UI page.
Exploitation requires that the attacker be signed in to the management UI and have elevated permissions (the ability to manage federation upstreams and policies).
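To make the bug class concrete, the following is an added JavaScript illustration, not code from RabbitMQ's management UI or from the fix referenced in this advisory: a federation-link table row rendered by plain string interpolation, the same row after a blacklist that only strips <script> elements, and the row rendered with context-aware HTML escaping. The link object, the function names and the consumer-tag payloads are all constructed for this example.

```javascript
// Added illustration of the advisory's bug class; not RabbitMQ's management
// UI code. The function names and the sample consumer tags below are
// constructed for this example.

// A federation link as a UI might receive it from an HTTP API (constructed).
const SAMPLE_LINK = {
  upstream: 'origin',
  exchange: 'events',
  // A consumer tag carrying markup, as a user with permission to manage
  // federation upstreams/policies could arrange.
  consumer_tag: 'federation-link-<script>alert(document.cookie)</script>',
};

// Vulnerable pattern: attacker-controlled fields interpolated straight into
// HTML. The browser parses the <script> element and runs it with the
// management UI's origin and session.
function renderLinkRowUnsafe(link) {
  return `<tr><td>${link.upstream}</td><td>${link.exchange}</td>` +
         `<td>${link.consumer_tag}</td></tr>`;
}

// Blacklist "fix": remove <script>...</script> elements and nothing else.
function stripScriptTags(value) {
  return String(value).replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, '');
}

// Hardened pattern: escape every character with meaning in HTML text and in
// quoted attribute values, so the value is only ever displayed, never parsed.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

function renderLinkRowSafe(link) {
  return `<tr><td>${escapeHtml(link.upstream)}</td><td>${escapeHtml(link.exchange)}</td>` +
         `<td>${escapeHtml(link.consumer_tag)}</td></tr>`;
}

// Two constructed payloads that survive tag stripping but not escaping: one
// needs no <script> element at all, the other reassembles into one after the
// inner <script></script> pairs are removed.
const NO_SCRIPT_TAG = '<img src=x onerror=alert(1)>';
const REASSEMBLED_TAG = '<scr<script></script>ipt>alert(1)</scr<script></script>ipt>';

// Exercise the three treatments on each payload. A value of true means the
// payload reached the rendered row as live markup.
function audit() {
  const payloads = {
    sample: SAMPLE_LINK.consumer_tag,
    noScriptTag: NO_SCRIPT_TAG,
    reassembled: REASSEMBLED_TAG,
  };
  const live = /<(script|img)\b/i;
  const result = {};
  for (const [name, tag] of Object.entries(payloads)) {
    const link = { ...SAMPLE_LINK, consumer_tag: tag };
    result[name] = {
      unsafe: live.test(renderLinkRowUnsafe(link)),
      stripped: live.test(stripScriptTags(renderLinkRowUnsafe(link))),
      escaped: live.test(renderLinkRowSafe(link)),
    };
  }
  return result;
}

console.table(audit());
```

The audit shows why a filter aimed specifically at <script> elements is the wrong tool: it misses an `onerror` handler, which needs no script element, and it can be defeated by nesting, whereas escaping the HTML metacharacters at the render site leaves the parser nothing to interpret regardless of what the consumer tag contains.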
Patches
- The vulnerability is fixed in RabbitMQ 3.8.18; upgrade to that version or a later one.
- #3122
Workarounds
Disable the rabbitmq_federation_management plugin and use CLI tools to inspect federation links instead.
References
None.
For more information
If you have any questions or comments about this advisory, please contact security@rabbitmq.com.