[JSWSERVER-5562] XSS (reflected) in rankVMID parameter of GetRankPage.jspa - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Highest (View bug fix roadmap)
Fix Version/s: 6.1
Affects Version/s: 5.10.6, 6.0.6
Component/s: None
Labels:
- affects-server
- cvss-high
- fixme
- security
- verified
- xss

Introduced in Version:
5.1
Bug Fix Policy:
View Atlassian Server bug fix policy

As per https://sdog.jira.com/browse/JSTDEV-2110

Targets: https://test01.jira-dev.com/secure/GetRankPage.jspa?fieldId=customfield_10006&start=0&versionId=-1&rankVMID=field%22%3e%3cscript%3ealert('XSS')%3c/script%3e&decorator=none&selectedProjectId=10000&pageType=ChartBoard&subType=ArchiveChartBoard&type=ACB&selectedBoardId=-1&colPage=1

Reproduction:
Open Target URL after login
Apply attack value "><script>alert('XSS')</script> in the rankVMID parameter.

is related to

JSWSERVER-6705 XSS in redirectType parameter on SearchBoard.jspa

Closed

mentioned in: Page Failed to load

relates to: JSTDEV-2110 Failed to load

No work has yet been logged on this issue.

Assignee:: Unassigned

Reporter:: David Black

Affected customers:: 0 This affects my team

Watchers:: 4 Start watching this issue

Created:: 01/Aug/2012 7:46 AM

Updated:: 27/Mar/2019 11:22 PM

Resolved:: 27/Nov/2012 10:23 PM