This ticket is an initial ticket that we might get involved in tracking xss vulnerability through tracking xss vulnerabilities, Basically the idea is to make user this can be automated following the procedures being taken by security team
This is based on https://issues.openmrs.org/browse/RA-1865
The idea behind this is that we will leverage security xss vulnerability issues and they can be automated, however this still is in pipeline and we are still looking forward to leverage how will help security issues to be automated
steps that need to be automated to reproduce this
1.Launch the OpenMRS application.
2.Login with username "Admin" and password "Admin123" with location as Inpatient Ward.
3.Select “System Administration”
4.Select “Advanced Administration”
5.Select “Manage Roles”
6.Select “Add Role”
7.In the “Role” title input field, enter <script>alert(1);</script>
8.Click "Save Role"
9.Navigate to the "Manage Users" tab
10.Enter "admin" in the "Find User on Name" search field and click "Search".
11.Click on "admin" under "System Id" in the search results table to edit the admin user.
12.Under Roles, select the check mark next to <script>alert(1);</script>
13.Click "Save User"
14.Repeat step 10