[XRAY-4742] Stored XSS via Defect Summary - Xblend Issue Tracker

Xporter

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Done
Affects Version/s: R3.5.3
Fix Version/s: 3.6.3
Component/s: REST_API, Security
Labels:
- security_vulnerability_medium

Requirement Status:
OK
- 1

Description

Stored XSS via Defect Summary. There is a stored XSS vulnerability via a defect summary, that allows exploiting any Jira user that has access to said issue.

1. Create an issue of type Test and give it some name. Make sure that under Test Details the Manual type is selected
2. Browse to the newly created test issue
3. Scroll below and select Execute in -> New Test Execution and hit Create
4. In the view that you get redirected to, select Create Defect
5. Enter the XSS payload: "><img src=x onerror=prompt(123)> in the Summary field and hit create.
6. Browse back to your issue view (<server>/browse/[ISSUE_KEY]) and see the stored xss fire:

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Screenshot at Nov 27 11-37-22.png
405 kB
27/Nov/19 11:37 AM

Activity

People

Assignee:: Diamantino Campos

Reporter:: Hugo Braz [X] (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 27/Nov/19 11:38 AM

Updated:: 09/Apr/20 11:38 AM

Resolved:: 09/Apr/20 11:38 AM

Time Tracking

Estimated:

Not Specified

Remaining:

3h 45m

Logged: