request #39689 XSS in the HTML mail content of the cross reference field

Artifact

Infos

Artifact ID#39689

Submitted byThomas Gerbet (tgerbet)

Last Modified On2024-10-14 09:37

Submitted on2024-09-17 15:40

Rank41316

Details

Summary *

XSS in the HTML mail content of the cross reference field

Original Submission

Content of cross reference field is not properly escaped in mail notifications.

Impact

A site administrator could create an artifact link type with a forward label allowing to execute uncontrolled code (or at least achieve content injection) in a mail client.

CVSSv3.1 score: 4.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:L)

References

CWE 79
OWASP Cross-site Scripting
CVE-2024-46980

CategoryTrackers

Reported in versionAll

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2024-09-17

Attachments

Connected artifacts

Artifact links

Releases

Fixed in

	Artifact ID	Project	Tracker	Summary	Status	Last Update Date	Submitted By	Assigned to
	rel #37898	Tuleap	Releases	16.0	Delivered	2024-10-09 15:47	Manuel Vacelet (vaceletm)

Reverse artifact links

Empty

AttachmentsEmpty

References

Cross references

Referencing request #39689

Git commit

tuleap/tuleap/stable

fix: request #39689 XSS in the HTML mail content of the cross reference field dd94a79998

Thomas Gerbet (tgerbet) , 2024-09-17 15:45

Merge commit 'refs/changes/46/31946/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 03384a572d

Nicolas Terray (nterray) , 2024-09-17 17:15

Show items referenced by request #39689

Referenced by request #39689

Artifact Tracker v5

rel #37898 16.0

Other

gerrit #31946

Follow-ups

Thomas Gerbet (tgerbet)

2024-10-14 09:37

Public disclosure.

Thomas Gerbet (tgerbet)

2024-09-18 10:24

CVE-2024-46980 has been assigned to this issue.

Original Submission

Something went wrong, the follow up content couldn't be loaded

Only formatting have been changed, you should switch to markup to see the changes

Nicolas Terray (nterray)

2024-09-17 17:16

Status changed from Under review to Closed
Connected artifacts
- Added Fixed in: rel #37898
Close date set to 2024-09-17

Thomas Gerbet (tgerbet)

2024-09-17 15:46

See gerrit #31946.

Status changed from Under implementation to Under review