[
https://issues.apache.org/jira/browse/DRILL-5766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16177012#comment-16177012
]
ASF GitHub Bot commented on DRILL-5766:
---------------------------------------
Github user kkhatua commented on the issue:
https://github.com/apache/drill/pull/955
@arina-ielchiieva Here's the minor change that restores the graph
> Stored XSS in APACHE DRILL
> --------------------------
>
> Key: DRILL-5766
> URL: https://issues.apache.org/jira/browse/DRILL-5766
> Project: Apache Drill
> Issue Type: Bug
> Components: Functions - Drill
> Affects Versions: 1.6.0, 1.7.0, 1.8.0, 1.9.0, 1.10.0, 1.11.0
> Environment: Apache drill installed in debian system
> Reporter: Sanjog Panda
> Assignee: Arina Ielchiieva
> Priority: Critical
> Labels: cross-site-scripting, ready-to-commit, security,
> security-issue, xss
> Fix For: 1.12.0
>
> Attachments: XSS - Sink.png, XSS - Source.png
>
>
> Hello Apache security team,
> I have been testing an application which internally uses the Apache drill
> software v 1.6 as of now.
> I found XSS on profile page (sink) where in the user's malicious input comes
> from the Query page (source) where you run a query.
> Affected URL : https://localhost:8047/profiles
> Once the user give the below payload and load the profile page, it gets
> triggered and is stored.
> I have attached the screenshot of payload
> <script>alert(document.cookie)</script>.
> *[screenshot link]
> *
> https://drive.google.com/file/d/0B8giJ3591fvUbm5JZWtjUTg3WmEwYmJQeWd6dURuV0gzOVd3/view?usp=sharing
> https://drive.google.com/file/d/0B8giJ3591fvUV2lJRzZWOWRGNzN5S0JzdVlXSG1iNnVwRlAw/view?usp=sharing
>
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
