      request #9501 Reflected XSS in the project list page in the site administration
    Infos
    #9501
    Thomas Gerbet (tgerbet)
    2016-10-17 11:35
    2016-09-16 14:34
    9769
    Details
    Reflected XSS in the project list page in the site administration

    A reflected XSS could be injected via the `status` parameter of the project list page in the site administration.

    Impact

    An attacker could use this vulnerability to make a victim's browser execute attacker-controlled script.
    CVSSv3 score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

    Exploitation

    With a user having site administration rights, go to https://<tuleap_url>/admin/grouplist.php?status="><script>alert(1)</script>

    If you use a browser with good Content Security Policy support, the vulnerability is harder to exploit.
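
    The rendering pattern behind this class of bug and its fix, as an added example for this advisory (Python rather than Tuleap's PHP; this is not Tuleap's code, and the allowlisted status values, the host name and the access-log lines are constructed). It shows the page's payload breaking out of an attribute value when the parameter is reflected raw, the same payload neutralised by attribute-context encoding and an allowlist, and a log check a defender can run for the `status` parameter:

```python
"""Reflected XSS via a query parameter: vulnerable vs. hardened rendering,
plus an access-log check. Added example, not Tuleap's code; names constructed."""
import html
import re
from urllib.parse import parse_qs, urlsplit

# Assumed allowlist: the advisory does not list the real Tuleap status codes.
ALLOWED_STATUS = {"any", "active", "pending", "deleted"}
DEFAULT_STATUS = "any"

# Tag name of every element a browser would parse out of a fragment.
TAG_RE = re.compile(r"<([a-zA-Z/][a-zA-Z0-9]*)[^>]*>")

# Constructed log lines (common log format); the second carries the payload.
SAMPLE_LOG = [
    '198.51.100.7 - - [16/Sep/2016:14:30:01 +0200] "GET /admin/grouplist.php?status=active HTTP/1.1" 200 5120',
    '198.51.100.9 - - [16/Sep/2016:14:31:12 +0200] "GET /admin/grouplist.php?status=%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5201',
    '198.51.100.9 - - [16/Sep/2016:14:32:40 +0200] "GET /admin/grouplist.php HTTP/1.1" 200 5100',
]


def status_from_url(url: str) -> str:
    """Return the percent-decoded `status` query value ('' if absent)."""
    query = urlsplit(url).query
    return parse_qs(query, keep_blank_values=True).get("status", [""])[0]


def render_vulnerable(status: str) -> str:
    """The pattern the advisory describes: untrusted input dropped into an
    attribute value without encoding. A value starting with `">` closes the
    attribute and the tag, so the rest is parsed as new markup."""
    return f'<input type="text" name="status" value="{status}">'


def escape_only(status: str) -> str:
    """Output encoding alone: html.escape with quote=True turns `"` into
    &quot; and `<`/`>` into &lt;/&gt;, so the value cannot leave the attribute.
    This is the layer that matters when a value must be reflected verbatim."""
    return f'<input type="text" name="status" value="{html.escape(status, quote=True)}">'


def render_hardened(status: str) -> str:
    """Two independent layers: the filter is an enum, so reject anything not
    on the allowlist, then encode for the attribute context anyway so a later
    allowlist change cannot reintroduce the bug."""
    if status not in ALLOWED_STATUS:
        status = DEFAULT_STATUS
    return escape_only(status)


def tag_names(fragment: str) -> list[str]:
    """Tags a browser would see. Exactly one `input` is expected; any extra
    tag means the parameter escaped its attribute context."""
    return TAG_RE.findall(fragment)


def suspicious_status_requests(log_lines: list[str]) -> list[str]:
    """Detection aid: flag requests whose decoded `status` value carries HTML
    metacharacters. A legitimate status code never contains them."""
    flagged = []
    for line in log_lines:
        m = re.search(r'"(?:GET|POST) (\S+) HTTP', line)
        if not m:
            continue
        value = status_from_url(m.group(1))
        if any(ch in value for ch in '<>"\''):
            flagged.append(line)
    return flagged


if __name__ == "__main__":
    # The advisory's payload, arriving percent-encoded on a constructed host.
    url = "https://tuleap.example/admin/grouplist.php?status=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"
    payload = status_from_url(url)
    print("raw reflection :", render_vulnerable(payload), tag_names(render_vulnerable(payload)))
    print("encoded        :", escape_only(payload), tag_names(escape_only(payload)))
    print("allowlist+enc  :", render_hardened(payload))
    print("flagged log    :", suspicious_status_requests(SAMPLE_LOG))
```

The vulnerable renderer yields three tags (`input`, `script`, `/script`) from one parameter; the encoded one yields only `input`. The allowlist is the cheaper fix for an enum-valued filter, but the encoding is what protects the attribute context in general, which is why the hardened version applies both.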

    References

    https://cwe.mitre.org/data/definitions/79.html
    https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29

    Credit

    Thanks to Mehmet Ince from PRODAFT for responsibly disclosing this vulnerability.

    Site admin
    Closed
    2016-09-17

    Follow-ups

    Thomas Gerbet (tgerbet) 2016-09-23 16:40
    Add credit.

    Tuleap 8.19.99.1

    • Status changed from Under review to Closed
    • Connected artifacts
    • Close date set to 2016-09-17