Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Stored XSS in Property Name in Security Audit Viewer

Description

If someone puts a script into Property Name field when creating a new system property, it gets executed, when viewing in Security Audit Viewer.

Say <script>alert(1)</script>

Environment

None

Activity

Show:
Fixed
Created March 20, 2018 at 11:17 AM
Updated October 28, 2020 at 1:26 PM
Resolved March 22, 2018 at 12:01 PM

Flag notifications