Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: 6.1.6, 6.2-OD-6
Affects Version/s: 6.1.2
Component/s: Issue - Attachments
Labels:

Introduced in Version:
6.01
CVSS Score:
6.5
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Hi,

I found a persistent XSS vulnerability when attaching a file to an issue.
The steps to reproduce are the following :

Attach a file to an issue. Its name must contain "<script>alert('XSS')</script>". I used a python script to do that.

Browse to the issue and open the ALL tab under activity. A popup should appear.

See the attachment for the result.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

XSS.png
31 kB
05/Dec/2013 3:04 PM

Issue Links

Testing discovered

JRASERVER-36204 Attachment data-download-url field in href shows ${attachment.mimetype} if unknown mimetype

Closed

mentioned in: Page Loading...

Activity

People

Assignee:: Roman Tekhov (Inactive)

Reporter:: Yohan Joubert

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 05/Dec/2013 3:04 PM

Updated:: 21/May/2020 11:38 AM

Resolved:: 14/Jan/2014 4:25 AM