Uploaded image for project: 'Xray for Jira'
  1. Xray for Jira
  2. XRAY-6473

Stored XSS in Tests List Gadget

    XporterXMLWordPrintable

Details

    • XRAY 2020 Sprint 5

    Description

      Steps:

      1. Attacker go to any one of them Component**
      2. Attacker in Name Filed add XSS Payload: Component \"><img src=x onerror=alert('ComponentName')>
      3. Now create new issues and select issue type TEST And choose the Component that you created
      4. Create a filter with this test
      5. After create issues go to Dashboard and click in Add Gadget Tests list gadget
      6. use the filter, save

      Attachments

        Issue Links

          clones

          Bug - A problem which impairs or prevents the functions of the product. XRAY-6472 Stored XSS in Test Plan Board & Test Repository By "JQL Search"

          • Major - Major loss of function.
          • Closed
          is cloned by

          Bug - A problem which impairs or prevents the functions of the product. XRAY-6474 Stored XSS at Xray Server in dashboard by Tests List Gadget

          • Major - Major loss of function.
          • Closed

          Activity

            People

              sbgs Sara Santos [X] (Inactive)
              dpca Diamantino Campos
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 hour
                  1h