Details
-
Bug
-
Resolution: Fixed
-
High
-
5.2-m05
-
None
-
5.02
-
6.5
-
Description
The Workload Pie Chart Report included with the JIRA charting plugin contains a number of XSS vulnerabilities. This plugin is bundled with OnDemand.
The configuration page contains an XSS vulnerability in custom field names.
1. Create a custom field with the name <script>alert('custom field')</script>
2. Try to create a workload pie chart report for a project
e.g. https://iceberg.jira-dev.com/secure/ConfigureReport!default.jspa?selectedProjectId=10002&reportKey=com.atlassian.jira.ext.charting:workloadpie-report
The view page contains XSS vulnerabilities in a number of fields - at least assignee (though the username), project name and labels.
1. Create an issue adding the label <script>alert('label')</script> and giving it an estimated completion time
2. View a workload pie chart report for the project the issue is in, choosing the labels field as the statistic type
Attachments
Issue Links
- is blocked by
-
JRADEV-20340 Loading...
- relates to
-
JRADEV-20556 Loading...