Uploaded image for project: 'Reference Application'
  1. Reference Application
  2. RA-452 XSS vulnerabilities in Ref App 2.x
  3. RA-1267

Stored XSS in locations

    XMLWordPrintable

    Details

    • Type: Technical task
    • Status: Accepted
    • Priority: Should
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Admin UI
    • Labels:
    • Complexity:
      Undetermined

      Description

      To reproduce vulnerability:
      1.) from the main page: click "Configure Metadata" -> under "Locations" click "Manage Locations"
      3.) click "Add New Location"
      4.) set the name of the location to the following string:

      " onmouseover="alert('xss')
      5.) fill in all other required fields normally and submit new location

      • user should be redirected back to the "Manage Locations" page

      6.) from the "Manage Locations" page, click on the edit button next to the newly created location
      7.) hover mouse over the name input text box (should trigger JS alert popup)

      Note #1: Although I have only tested the name field, it is likely that many of the other fields are also vulnerable to the same style of attack

      Note #2: The second attachment shows that this xss in locations is also executed on the login page. These locations will also have to be sanitized.

        Attachments

          Activity

            People

            Assignee:
            dkayiwa Daniel Kayiwa
            Reporter:
            isears Isaac Sears
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: