Details
-
Bug
-
Resolution: Fixed
-
Medium
-
5.2.4, 6.1-OD-03
-
None
-
5.02
-
6
-
Description
NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report.
Similar to JRA-31564, an XSS bug exists in the delete filter success screen.
Steps to reproduce:
1. Search for issues.
2. Choose "Save as", enter "><script>alert(document.cookie)</script> for the name.
3. Delete the filter.
See attached screenshots.
Attachments
Issue Links
- relates to
-
JRACLOUD-34074 XSS Vulnerability - delete filter confirmation
- Closed