Uploaded image for project: 'Xray for Jira'
  1. Xray for Jira
  2. XRAY-6479

Stored XSS at Xray Server in Test Execution issues by Assignee name

    XporterXMLWordPrintable

Details

    Description

      Steps:

      1. Create user with name to XSS Payload: "><img src=x onerror=alert('Assigner')>
      2. Create Issue Type Test issue .
      3. Create inline Test Execution.
      4. Go to Test Execution issue. 
      5. Add assignee to table

      Attachments

        Issue Links

          clones

          Bug - A problem which impairs or prevents the functions of the product. XRAY-6477 XSS in Issue Type Mapping configuration through Issue linking

          • Major - Major loss of function.
          • Closed

          Activity

            People

              prpa Paulo Alves
              dpca Diamantino Campos
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 20 minutes
                  20m