•  
      request #10829 XSS in autocompleters API responses
    Infos
    #10829
    Thomas Gerbet (tgerbet)
    2017-12-11 13:12
    2017-11-20 14:45
    11058
    Details
    XSS in autocompleters API responses

    A XSS can injected in the responses of project and user autocompleters.

    Impact

    An attacker could use this vulnerability to force a victim to execute uncontrolled code.
    CVSSv3 score: 5.4 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

    Exploitation

    Set the real name of a user to something like <img src=a onerror=alert(1)> and then access to the page https://<tuleap_instance>/user/autocomplete.php?return_type=json_for_select_2&name=<query_to_match_your_user>

    References

    CWE 79
    OWASP Cross-site Scripting

    Other
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Closed
    2017-11-20
    Attachments
    Empty
    References

    Follow-ups

    User avatar
    Integrated into Tuleap 9.14.99.54

    • Status changed from Under review to Closed
    • Connected artifacts
    • Close date set to 2017-11-20