request #11171 Downloading a file of the FRS from the webdav web browser plugin can lead to XSS

Artifact

Infos

Artifact ID#11171

Submitted byThomas Gerbet (tgerbet)

Last Modified On2018-03-06 09:45

Submitted on2018-02-20 10:00

Rank11508

Details

Summary *

Downloading a file of the FRS from the webdav web browser plugin can lead to XSS

Original Submission

Downloading a file sotred in the FRS form the webdav browser plugin can lead to XSS.

Impact

An attacker could use this vulnerability to force a victim to execute uncontrolled code.
CVSSv3 score: 5.4 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Exploitation

Add a file in the FRS named xss.html with the following content: <html><body><script>alert(1)</script></body></html> and then download it from the webdav browser plugin.

References

CWE 79
OWASP Cross-site Scripting

CategoryOther

Reported in versionAll

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toEmpty

StatusClosed

Close date2018-02-23

Attachments

Connected artifacts

Artifact links

Releases

Fixed in

	Artifact ID	Project	Tracker	Summary	Status	Last Update Date	Submitted By	Assigned to
	rel #10968	Tuleap	Releases	9.18	Delivered	2018-03-07 14:19	Manuel Vacelet (vaceletm)

Reverse artifact links

Empty

AttachmentsEmpty

References

Cross references

Referencing request #11171

Git commit

tuleap/tuleap/stable

Merge commit 'refs/changes/17/10617/2' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD b1e6c9a5d9

Joris MASSON (jmasson) , 2018-02-23 11:11

request #11171: Downloading a file of the FRS from the webdav web browser plugin can lead to XSS c28f7146f2

Thomas Gerbet (tgerbet) , 2018-02-20 11:51

Show items referenced by request #11171

Referenced by request #11171

Artifact Tracker v5

rel #10968 9.18

Other

gerrit #10617

Follow-ups

Thomas Gerbet (tgerbet)

2018-03-06 09:45

Public disclosure.

Joris MASSON (jmasson)

2018-02-23 11:11

gerrit #10617 integrated into Tuleap 9.17.99.182

Status changed from Under review to Closed
Connected artifacts
- Added Fixed in: rel #10968
Close date set to 2018-02-23

Thomas Gerbet (tgerbet)

2018-02-20 10:52

A patch is under review: gerrit #10617.

Summary
-Downloading a file of the FRS from the webdav ~~webbrowser~~ plugin can lead to XSS
+Downloading a file of the FRS from the webdav web browser plugin can lead to XSS
Status changed from Under implementation to Under review