•  
      request #32629 XSS in the card field of the agile dashboard apps
    Infos
    #32629
    Thomas Gerbet (tgerbet)
    2023-07-24 09:14
    2023-06-21 13:40
    34228
    Details
    XSS in the card field of the agile dashboard apps

    Content displayed in the "card fields" (visible in the kanban and PV2 apps) is not properly escaped.

    Impact

    A malicious user with the capability to create an artifact or to edit a field used as a card field could force victim to execute uncontrolled code.
    CVSSv3.1 score: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

    Exploitation

    1. Have a kanban with a selectbox of users in a card field (e.g. a "Assigned to" field)
    2. Set this field to a user having a realname like "a"
    3. Display the kanban

    References

    CWE 79
    OWASP Cross-site Scripting
    CVE-2023-35929

    Agile Dashboard
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2023-06-22
    Attachments
    Empty
    References

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2023-06-23 16:38

    CVE-2023-35929 has been assigned to this issue.


    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes