Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 5.6.1
Affects Version/s: 5.5.1
Component/s: Bitbucket Server integration, Security
Labels:
- cvss-high
- security
- xss

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Stash server title in the "Stash server" dropdown is not being escaped and if it contains a script tag that script will be eval'd.

Our Stash QA test data has the server title "Welcome to <script>alert(666)</script> Long Ståш Title with [...]" which causes the "666" to alert when the "Add repository" button is clicked from the Linked Repos page (http://mszczepanski.local:8085/bamboo/admin/configureGlobalRepositories!default.action).

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

rce.jpg
0.1 kB
08/May/2016 3:03 PM
xxe.svg
0.6 kB
08/May/2016 3:03 PM

Issue Links

was cloned as: BDEV-5821 Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Marcin

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 22/Jul/2014 5:05 AM

Updated:: 19/Aug/2019 2:02 AM

Resolved:: 19/Aug/2014 5:20 AM