Details
-
Bug
-
Resolution: Fixed
-
Medium
-
None
-
6
-
Description
NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.
Similar to JRA-31564, an XSS bug exists in the delete filter success screen.
Steps to reproduce:
1. Search for issues.
2. Choose "Save as", enter "><script>alert(document.cookie)</script> for the name.
3. Delete the filter.
See attached screenshots.
Attachments
Issue Links
- is related to
-
JRASERVER-34074 XSS Vulnerability - delete filter confirmation
- Closed