[XRAY-6396] Stored XSS in dashboard By "Test Run Assignee & Executed by" in "Test Runs List Gadget" - Xblend Issue Tracker

Xporter

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Done
Affects Version/s: None
Fix Version/s: 4.1.6, Continuous Delivery
Component/s: Gadget, Security
Labels:
- ignore_ait
- security_vulnerability_medium

Sprint:
XRAY 2020 Sprint 4
Requirement Status:
OK
- 1

Description

Steps:

Go to Your Profile and in Profile Name filed inject XSS Payload: "><img src=x onerror=alert('Assigner')>
Install Xray Test Management for Jira Server, Then go to Dashboard tab. and create new Dashboard.
After create dashboard click in "add gadget" button.
From gadget list Select Test Runs List.
Now if victim filling Test Run Assignee OR Executed by fields. the payload will be reflected in the page.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

image-2020-09-01-13-13-00-251.png
146 kB
01/Sep/20 1:13 PM

Activity

People

Assignee:: Diamantino Campos

Reporter:: Diamantino Campos

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 01/Sep/20 1:13 PM

Updated:: 21/Oct/20 3:12 PM

Resolved:: 21/Oct/20 3:12 PM

Time Tracking

Estimated:

Not Specified

Remaining:

0m

Logged:

1h 10m