Uploaded image for project: 'Reference Application'
  1. Reference Application
  2. RA-452 XSS vulnerabilities in Ref App 2.x
  3. RA-1267

Stored XSS in locations

    Details

    • Type: Technical task
    • Status: Accepted
    • Priority: Should
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Admin UI
    • Labels:
    • Complexity:
      Undetermined

      Description

      To reproduce vulnerability:
      1.) from the main page: click "Configure Metadata" -> under "Locations" click "Manage Locations"
      3.) click "Add New Location"
      4.) set the name of the location to the following string:

      " onmouseover="alert('xss')
      5.) fill in all other required fields normally and submit new location

      • user should be redirected back to the "Manage Locations" page

      6.) from the "Manage Locations" page, click on the edit button next to the newly created location
      7.) hover mouse over the name input text box (should trigger JS alert popup)

      Note #1: Although I have only tested the name field, it is likely that many of the other fields are also vulnerable to the same style of attack

      Note #2: The second attachment shows that this xss in locations is also executed on the login page. These locations will also have to be sanitized.

        Attachments

          Activity

            People

            • Assignee:
              dkayiwa Daniel Kayiwa
              Reporter:
              isears Isaac Sears [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: