Uploaded image for project: 'Reference Application'
  1. Reference Application
  2. RA-452 XSS vulnerabilities in Ref App 2.x
  3. RA-1267

Stored XSS in locations

    XMLWordPrintable

    Details

    • Type: Technical task
    • Status: Approved
    • Priority: Should
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Admin UI
    • Labels:
    • Complexity:
      Undetermined
    • Sprint:
      Ref App 2.11 Release Sprint 3, Ref App 2.12 Priorities

      Description

      To reproduce vulnerability:
      1.) from the main page: click "Configure Metadata" -> under "Locations" click "Manage Locations"
      3.) click "Add New Location"
      4.) set the name of the location to the following string:

      " onmouseover="alert('xss')
      5.) fill in all other required fields normally and submit new location

      • user should be redirected back to the "Manage Locations" page

      6.) from the "Manage Locations" page, click on the edit button next to the newly created location
      7.) hover mouse over the name input text box (should trigger JS alert popup)

      Note #1: Although I have only tested the name field, it is likely that many of the other fields are also vulnerable to the same style of attack

      Note #2: The second attachment shows that this xss in locations is also executed on the login page. These locations will also have to be sanitized.

        Gliffy Diagrams

          Attachments

            Activity

              People

              Assignee:
              dkayiwa Daniel Kayiwa
              Reporter:
              isears Isaac Sears
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: