Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #7788 Persistent XSS in attachment of artifact
    Actions
    Infos
    #7788
    Thomas Gerbet (tgerbet)
    2015-03-04 16:22
    2015-01-22 16:39
    7789
    Details
    Persistent XSS in attachment of artifact

    A persistent XSS could be injected through an attachment of an artifact.

    Impact

    An attacker could use this vulnerability to force a victim to execute uncontrolled code.
    CVSS2 score : 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)

    Exploitation

    Join a HTML page with some JS to an artifact.

    References

    https://cwe.mitre.org/data/definitions/79.html
    https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29

    Trackers
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Closed
    2015-01-23
    Attachments
    Artifact links
    Empty
    Empty
    References
    Referencing request #7788

    Artifact Tracker v5

    rel #7520 7.10

    Git commit

    tuleap/tuleap/stable

    Merge commit 'refs/changes/07/3507/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD e6c81555e9
    User avatar dylan bowden (dylan) , 2015-01-23 09:55
    request #7788: Prevent persistent XSS in attachment of an artifact 699eaeb7d3
    User avatar Thomas Gerbet (tgerbet) , 2015-01-22 16:59
    request #7788: Prevent persistent XSS in attachment of an artifact 656375dc56
    User avatar Thomas Gerbet (tgerbet) , 2015-01-26 11:11
    Merge commit 'refs/changes/37/3537/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 172d5babd5
    User avatar dylan bowden (dylan) , 2015-01-28 13:48
    Force IE (< 9) and old Chrome versions to follow the declared content-type and content-disposition headers. 633d5d7ebf
    User avatar Thomas Gerbet (tgerbet) , 2015-01-27 17:09

    tuleap/u/vaceletm/tuleap/dev

    Merge commit 'refs/changes/37/3537/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 172d5babd5
    User avatar dylan bowden (dylan) , 2015-01-28 13:48
    Force IE (< 9) and old Chrome versions to follow the declared content-type and content-disposition headers. 633d5d7ebf
    User avatar Thomas Gerbet (tgerbet) , 2015-01-27 17:09
    Merge commit 'refs/changes/07/3507/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD e6c81555e9
    User avatar dylan bowden (dylan) , 2015-01-23 09:55
    request #7788: Prevent persistent XSS in attachment of an artifact 699eaeb7d3
    User avatar Thomas Gerbet (tgerbet) , 2015-01-22 16:59
    request #7788: Prevent persistent XSS in attachment of an artifact 656375dc56
    User avatar Thomas Gerbet (tgerbet) , 2015-01-26 11:11

    Release

    release #100
    Referenced by request #7788

    Other

    gerrit #3507
    gerrit #3537
    Display settings

    Follow-ups

    User avatar
    Nicolas Terray (nterray)2015-01-23 16:15
    It introduces a regression in User eXperience as images can no longer be opened in the browser :(
    User avatar
    dylan bowden (dylan)2015-01-23 09:56
    Integrated in Tuleap 7.9.99.57
    • Status changed from Under review to Closed
    • Close date set to 2015-01-23
    User avatar
    Thomas Gerbet (tgerbet)2015-01-22 17:13
    A patch is under review: gerrit #3507.
    • Summary
      -Persistent XSS in attachement of artifact 
      +Persistent XSS in attachment of artifact 
    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    • Status changed from New to Under review