Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 7.2.0
Affects Version/s: 6.1
Component/s: Administration - Fields
Labels:

Introduced in Version:
6.01
CVSS Score:
6
Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Reproduction:
1. Create custom fields with <script>alert(1)</script> in name and/or description.
2. Go to 'Field Configurations'
3. Click 'Add Field Configuration', enter any text in 'Name'
4. Hit okay and wait for the page to refresh
5. Choose the config you just made -> XSSed

Attachments

Issue Links

mentioned in: Page Loading...

relates to: CAS-552 Loading...; JSEC-2 Loading...; JSEV-334 Loading...

Activity

People

Assignee:: Ilya Zinoviev (Inactive)

Reporter:: Ashley Blackmore

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Due:: 08/Jul/2016

Created:: 30/Sep/2013 7:48 AM

Updated:: 28/Mar/2019 12:11 AM

Resolved:: 27/Jun/2016 8:41 AM