[XRAY-6502] XSS through test type - Xblend Issue Tracker

Xporter

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Done
Affects Version/s: None
Fix Version/s: 4.2.3
Component/s: Core, Security
Labels:
- ignore_ait
- security_vulnerability_medium

Sprint:
XRAY 2020 Sprint 7, XRAY 2020 Sprint 8
Requirement Status:
OK
- 1

Description

How to replicate:
- add a new test type : <script>alert("wrong test type")</script>

a pop up will appear with the message above

navigate to search issues, add column test type and the following image appears

try to create a test through dialog, the same pop up will appear

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

image-2020-10-01-12-13-27-412.png
33 kB
01/Oct/20 12:13 PM

Activity

People

Assignee:: Paulo Alves

Reporter:: Marcelo Ferreira

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 01/Oct/20 12:16 PM

Updated:: 18/Feb/21 4:51 PM

Resolved:: 18/Feb/21 4:50 PM

Time Tracking

Estimated:

Not Specified

Remaining:

0m

Logged:

1d 4h