Mantis Bugtracker          
testlink.org

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0006498TestLinkSecurity - Generalpublic2014-08-13 17:492014-09-27 16:43
Reportercedric 
Assigned Tofman 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionfixed 
Platformx86_64OSWindowsOS Version7
Product Version1.9.10 (2014 Q1 - bug fixing) 
Fixed in Version1.9.12 (2014 Q3) 
Summary0006498: Cross-Site Scripting on /lib/plan/planExport.php (CWE-80)
DescriptionThere isn't a proper sanitization of the parameter "exportContent".
That is used as hidden input on planExport.tpl
Steps To Reproduce 1. Login as a valid user.
 2. Proof-of-Concept:

http://demo.testlink.org/latest/lib/plan/planExport.php?tproject_id=23849&tplan_id=23869&platform_id=0&build_id=361&exportContent=4results%22%3E%3Cbutton%3Exss%3C/button%3E%3Cimg%20src=%22 [^]
TagsNo tags attached.
Database (MySQL,Postgres,etc)MySQL
BrowserChrome 28
PHP Version5.3.3
TestCaseID
QA Team - Task Workflow StatusREADY FOR TESTING
Attached Files

- Relationships
child of 0006457closedfman Availables hot-fixes for 1.9.11 & How To get full fixed package from gitorious 

-  Notes
(0021454)
fman (administrator)
2014-08-13 20:32

Thanks
I suggests you to get latest code from gitorious because some work have been done regarding security.
Thats' because may be you are reportings things that has been already fixed.
(0021457)
fman (administrator)
2014-08-13 21:03

https://gitorious.org/testlink-ga/testlink-code/commit/1fd82c67eb25618d593f869dc54f0a0a6731a68c [^]
(0021461)
cedric (reporter)
2014-08-14 02:19

Yeah, I make some tests on demo.testlink.org and look at the current code in gitorious and my own server running testlink.
(0021462)
fman (administrator)
2014-08-14 06:53

OK, thanks
(0021732)
fman (administrator)
2014-09-27 16:43

Release done

- Issue History
Date Modified Username Field Change
2014-08-13 17:49 cedric New Issue
2014-08-13 20:32 fman Note Added: 0021454
2014-08-13 20:39 fman QA Team - Task Workflow Status => TBD
2014-08-13 21:03 fman QA Team - Task Workflow Status TBD => READY FOR TESTING
2014-08-13 21:03 fman Note Added: 0021457
2014-08-13 21:03 fman Fixed in Version => 1.9.12 (2014 Q3)
2014-08-13 21:03 fman Description Updated View Revisions
2014-08-13 21:03 fman Status new => resolved
2014-08-13 21:03 fman Resolution open => fixed
2014-08-13 21:03 fman Assigned To => fman
2014-08-13 21:03 fman Relationship added child of 0006457
2014-08-14 02:19 cedric Note Added: 0021461
2014-08-14 06:53 fman Note Added: 0021462
2014-09-27 16:43 fman Note Added: 0021732
2014-09-27 16:43 fman Status resolved => closed
2015-09-15 21:09 fman Category Security => Security - XSS
2015-09-15 21:10 fman Category Security - XSS => Security - General



Copyright © 2000 - 2018 MantisBT Team
Powered by Mantis Bugtracker