Uploaded image for project: 'Xray for Jira'
  1. Xray for Jira
  2. XRAY-6475

Stored XSS on XRay Server on XRay Report via "Saved Search"

    XporterXMLWordPrintable

Details

    • XRAY 2020 Sprint 5
    • OK

    Description

      The attacker can create a "save filter", name this filter with a long name, and then add an XSS payload at the end of the name in order not to attract attention. Where the vulnerability is exploited in this way without the need for user interaction, just pressing one button. Show PoC video in attachment.

      Attachments

        1. XrayXssExpolit.mp4
          1.81 MB
          Diamantino Campos

        Issue Links

          Activity

            People

              pmmr Pedro Rodrigues
              dpca Diamantino Campos
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 hours, 50 minutes
                  2h 50m