•  
      request #31586 XSS in the tooltip via an artifact title
    Infos
    #31586
    Thomas Gerbet (tgerbet)
    2023-05-02 08:17
    2023-04-20 14:33
    33189
    Details
    XSS in the tooltip via an artifact title

    The title of an artifact is not properly escaped in the tooltip.

    Impact

    A malicious user with the capability to create an artifact or to edit a field title could force victim to execute uncontrolled code.
    CVSSv3.1 score: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

    Exploitation

    The issue can be demonstrated by creating an artifact with a title like <img src=a onerror=alert(1)> and then display the artifact in a tooltip (using a cross reference for example).

    References

    CWE 79
    OWASP Cross-site Scripting
    Issue has been introduced by git #tuleap/stable/b61c1f3ffad022fc7347973e5d3bc4c87f2c57dc (Tuleap 14.7.99.76)
    CVE-2023-30619

    Trackers
    development
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Nicolas Terray (nterray)
    Closed
    2023-04-21
    Attachments
    Empty
    References

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2023-04-24 10:02

    CVE-2023-30619 has been assigned to this issue.


    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes