Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Done
-
4.1.4
-
XRAY 2020 Sprint 4
-
Description
Steps:
- Go to Custom Field
- Click in Add Custom Field
- Select any Custom Field type
- Add name and Description Custom Field as XSS Payload.
"><img src=x onerror=alert(document.cookie)>
5 Click save Custom Field Then go to Xray Report. http://localhost:8080/secure/XrayReport!default.jspa?selectedProjectKey=PRO
6 Now click in Filter(s) Button and Click in More drop list
7 Search for the "custom field" you added "><img src=x onerror=alert(document.cookie)>, And choose it
8 Now it will add it as a field. Enter any value in this field and click Apply.
9 After click apply XSS Payload fire in your browser.