-
Bug
-
Resolution: Fixed
-
Highest (View bug fix roadmap)
-
5.10.6, 6.0.6
-
None
-
5.1
-
As per https://sdog.jira.com/browse/JSTDEV-2110
Reproduction:
Open Target URL after login
Apply attack value "><script>alert('XSS')</script> in the rankVMID parameter.
- is related to
-
-
- Closed
-
- mentioned in
-
![[Extranet] Page](/images/icons/generic_link_16.png "[Extranet] Page")
Page
Failed to load
- relates to
-
JSTDEV-2110 Failed to load
[JSWSERVER-5562] XSS (reflected) in rankVMID parameter of GetRankPage.jspa
| Minimum Version | New: 5.1 |
| Workflow | Original: JAC Bug Workflow v2 [ 2852849 ] | New: JAC Bug Workflow v3 [ 2933985 ] |
| Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
| Workflow | Original: JIRA Bug Workflow w Kanban v7 - Restricted [ 2544393 ] | New: JAC Bug Workflow v2 [ 2852849 ] |
| Workflow | Original: JIRA Bug Workflow w Kanban v6 - Restricted [ 1550863 ] | New: JIRA Bug Workflow w Kanban v7 - Restricted [ 2544393 ] |
| Labels | Original: cvss-high fixme security verified xss | New: affects-server cvss-high fixme security verified xss |
| Workflow | Original: JIRA Bug Workflow w Kanban v6 [ 908524 ] | New: JIRA Bug Workflow w Kanban v6 - Restricted [ 1550863 ] |
| Labels | Original: fixme security verified xss | New: cvss-high fixme security verified xss |
| Workflow | Original: GreenHopper Kanban Workflow 20141014 [ 746739 ] | New: JIRA Bug Workflow w Kanban v6 [ 908524 ] |
| Remote Link | New: This issue links to "Page (Extranet)" [ 101820 ] |
| Workflow | Original: GreenHopper Kanban Workflow v2 [ 398765 ] | New: GreenHopper Kanban Workflow 20141014 [ 746739 ] |