Uploaded image for project: 'Xray for Jira'
  1. Xray for Jira
  2. XRAY-6616

Stored XSS on Test Execution by [Filter Error message]

    XporterXMLWordPrintable

Details

    • XRAY 2020 Sprint 7

    • OK

    Description

      (Please note that this is may be possible on all screens that use the dynamic filter pictured below)

      Steps:

      1. Go to > Project settings > Versions OR Component
      2. Create New Version OR Component. In the Name field, enter the XSS payload.
      3. Create Issue Type Test issue .
      4. Create issue Type Test Execution.
      5. Go to Test Execution issue. Then from Test Execution issues you can see Tests section contain Add button. click in Add button and select Tests.
      6. From Test Execution issues you can see Filter(s) click in Filter(s) button.
      7. Now if you use the filter, you choose the Versions OR Component and choose the filter through the malicious load that you injected, the malicious load will be reflected on you.

      Attachments

        Issue Links

          clones

          Bug - A problem which impairs or prevents the functions of the product. XRAY-6615 Stored XSS at Xray in Test issue by Import Steps issue

          • Major - Major loss of function.
          • Closed
          is cloned by

          Bug - A problem which impairs or prevents the functions of the product. XRAY-6617 Stored XSS at Xray in Test Case Importer

          • Major - Major loss of function.
          • Closed

          Activity

            People

              dpca Diamantino Campos
              dpca Diamantino Campos
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 day, 1 hour, 15 minutes
                  1d 1h 15m