Uploaded image for project: 'Jira Cloud (including JIRA Core)'
  1. Jira Cloud (including JIRA Core)
  2. JRACLOUD-65113

Stored XSS in ViewWorkflowTransition.jsp

    XMLWordPrintable

    Details

      Description

      Step to reproduce:
      1) Go to workflow edit page as an administrator
      2) Add validator "User Permission Validator" to transition with user name parameter "<script>alert(2)</script>"
      3) It will trigger xss on ViewWorkflowTransition page

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mkwidzinski Maciej Kwidzinski
              Reporter:
              aminozhenko Alexander Minozhenko
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: