[XRAY-4743] Reflected XSS in secure/TestStepExportAction!default.jspa - Xblend Issue Tracker

Xporter

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Done
Affects Version/s: R3.5.3
Fix Version/s: 3.6.3
Component/s: REST_API, Security, Test Steps
Labels:
- security_vulnerability_medium

Requirement Status:
OK
- 1

Description

Reflected XSS in secure/TestStepExportAction!default.jspa. A reflected XSS was found in /secure/TestStepExportAction!default.jspa via the key parameter. Some encoding is done on the payload since it gets converted to uppercase.
To verify, browse the following link in Firefox:
[Server]/secure/TestStepExportAction!default.jspa?key=[TEST KEY]><svg/onload="%26%23x61%3b%26%23x6 C%3b%26%23x65%3b%26%23x72%3b%26%23x74%3b%26%23x28%3b%26%23x31%3b%26%23x29%3b">&exportTyp e=CSV&decorator=dialog&inline=true&_=1574154808724

Attachments

Activity

People

Assignee:: Paulo Alves

Reporter:: Hugo Braz [X] (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 27/Nov/19 11:43 AM

Updated:: 18/Feb/21 5:27 PM

Resolved:: 18/Feb/21 5:27 PM

Time Tracking

Estimated:

Remaining:

Logged:

1d 6h