Uploaded image for project: 'Crucible'
  1. Crucible
  2. CRUC-1749

XSS issue in filter parameter

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Medium
    • 2.0
    • 1.6.6
    • None
    • None

    • Firefox 3.0.10

    Description

      Please refer to the support ticket CRC-807. There is a XSS issue when generating the Crucible filter with the following URL.

      For example;

      which will execute a javascript pop up with cookie information. See the attached screen shot

      This is not reproducible in Crucible 2.0.

      Attachments

        Activity

          People

            Unassigned Unassigned
            mgchong Ming Giet Chong [Atlassian]
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: