Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #27173 XSS via the title of a document
    Actions
    Infos
    #27173
    Nicolas Terray (nterray)
    2022-06-29 10:39
    2022-06-14 09:21
    28690
    Details
    XSS via the title of a document

    The title of a document is not properly escaped in the search result of MyDocmanSearch widget.

    Impact

    A malicious user with the capability to create a document could force victim to execute uncontrolled code.
    CVSSv3.1 score: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

    Exploitation

    The issue can be demonstrated by creating a document with title Foobar <script>alert(1)</script> and:

    • search its id with the personal widget Document Id Search.
    • lock it and go to document administration » locked documents

    References

    CWE 79
    OWASP Cross-site Scripting
    CVE-2022-31063

    Doc/Documentation manager
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Nicolas Terray (nterray)
    Closed
    2022-06-14
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #25714 Tuleap Releases 13.10 Delivered 2022-22-06 10:19 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #27173

    Git commit

    tuleap/tuleap/stable

    Merge 'gerrit #26139' into stable/master 7f368eec59
    User avatar Thomas Gerbet (tgerbet) , 2022-06-14 11:40
    request #27173: XSS via the title of a document c947975a4f
    User avatar Nicolas Terray (nterray) , 2022-06-14 10:59
    Referenced by request #27173

    Artifact Tracker v5

    rel #25714 13.10

    Other

    gerrit #26139
    Display settings

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2022-06-14 17:20

    CVE-2022-31063 has been assigned to this issue.

    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    User avatar
    Thomas Gerbet (tgerbet)2022-06-14 11:42

    Integrated into Tuleap 13.9.99.111.

    • Status changed from Under review to Closed
    • Connected artifacts
    • Close date set to 2022-06-14
    User avatar
    Nicolas Terray (nterray)2022-06-14 11:01
    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    User avatar
    Thomas Gerbet (tgerbet)2022-06-14 09:25
    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes