From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Thu, 30 May 2019 13:25:46 +0000 (+0200)
Subject: Document OJSI-15 (CVE-2019-12317) vulnerability
X-Git-Tag: 3.2.0~307^2~4
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=portal.git;a=commitdiff_plain;h=a370f0b1dc257ad498d91480032bd2c9090acb7f

Document OJSI-15 (CVE-2019-12317) vulnerability

Issue-ID: OJSI-15
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I5cb96956f25e09a390ef24a52f6222c0cc7b9e94
---

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 457819bc..4f954692 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -35,6 +35,8 @@ We worked on SDK upgrade to integrate with AAF. We partially implemented multi-l
 *Fixed Security Issues*
 
 *Known Security Issues*
+
+	* CVE-2019-12317 - Number of XSS vulnerabilities in Portal [`OJSI-15 <https://jira.onap.org/browse/OJSI-15>`_]
 	* In defult deployment PORTAL (portal-app) exposes HTTP port 8989 outside of cluster. [`OJSI-97 <https://jira.onap.org/browse/OJSI-97>`_]
 	* In defult deployment PORTAL (portal-app) exposes HTTP port 30215 outside of cluster. [`OJSI-105 <https://jira.onap.org/browse/OJSI-105>`_]
 	* In defult deployment PORTAL (portal-sdk) exposes HTTP port 30212 outside of cluster. [`OJSI-106 <https://jira.onap.org/browse/OJSI-106>`_]