View Issue Details

ID: 0012034
Type: design defect
Category: [Openbravo ERP] C. Security
Severity: major
Reproducibility: always
Date Submitted: 2010-01-21 18:04
Last Update: 2022-02-01 08:08
Reporter: efriese
View Status: public
Assigned To: Triage Platform Base
Priority: high
Resolution: open
Fixed in Version:
Status: acknowledged
Fix in branch:
Fixed in SCM revision:
Projection: none
ETA: none
Target Version:
OS: Linux 32 bit
Database: PostgreSQL
Java version: 1.6.0_16
OS Version: Community Appliance
Database version: 8.3.8
Ant version: 1.7.1
Product Version:
SCM revision:
Review Assigned To:
Web browser:
Modules: Core
Regression level:
Regression date:
Regression introduced in release:
Regression introduced by commit:
Triggers an Emergency Pack: No
Summary
0012034: Cross-site Scripting in the generated xxx_Relation.html files

Description
The value of inpParamSessionDate is not validated/escaped to prevent malicious code from being executed in the browser.

The same field is present in all the various xxx_Relation.html files as they are generated at compile time based on a common-template.

Example URLs where the issue can be reproduced:
/openbravo/Message/Message_Relation.html
/openbravo/Reference/Reference_Relation.html
/openbravo/SystemInfo/SystemInfo_Relation.html
/openbravo/User/User_Relation.html
/openbravo/Form/Form_Relation.html
Steps To Reproduce
The TamperData plugin for Firefox or another proxy will be needed to reproduce. Visit e.g. /openbravo/Message/Message_Relation.html while using TamperData to set inpParamSessionDate to:

inpParamSessionDate=>%22%27><img%20src%3d%22javascript:alert('XSS')%22>
Proposed Solution
The value of inpParamSessionDate should be escaped so that code cannot be executed in the browser. More info can be found at http://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
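The two controls the report asks for, input validation and output escaping, shown side by side as an added example. This is illustration code, not Openbravo's WAD template or servlet code: renderSessionDateField and its unsafe counterpart are hypothetical stand-ins for the generated hidden field, and the DD-MM-YYYY date format is an assumption (Openbravo's date format is configurable). The test input is the report's own URL-encoded value, decoded, and is labelled as such.

```javascript
// Added example (not Openbravo code): validate and HTML-escape a request
// parameter before it is embedded in a generated *_Relation.html page.

// Escape the five characters that are significant in HTML text and in
// quoted attribute values. Attribute values must be quoted for this to be
// sufficient; an unquoted attribute would need a much stricter allowlist.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Allowlist validation: a session date should only ever look like a date.
// DD-MM-YYYY is an assumed format for this example; anything else is
// rejected rather than rendered.
const SESSION_DATE_RE = /^\d{2}-\d{2}-\d{4}$/;

function isValidSessionDate(value) {
  return typeof value === "string" && SESSION_DATE_RE.test(value);
}

// Vulnerable pattern (the defect the report describes): the parameter is
// concatenated straight into the markup, so a value containing '">' closes
// the attribute and the element and injects a second element.
function renderSessionDateFieldUnsafe(inpParamSessionDate) {
  return '<input type="hidden" name="inpParamSessionDate" value="' +
    inpParamSessionDate + '">';
}

// Hardened pattern: validate first, fall back to an empty value on failure,
// and escape whatever is finally emitted as defence in depth.
function renderSessionDateField(inpParamSessionDate) {
  const value = isValidSessionDate(inpParamSessionDate) ? inpParamSessionDate : "";
  return '<input type="hidden" name="inpParamSessionDate" value="' +
    escapeHtml(value) + '">';
}

// Structural check used to show the difference: one rendered hidden field
// should contain exactly one element, i.e. exactly one '<'.
function elementCount(html) {
  return (html.match(/</g) || []).length;
}

// Constructed input: the URL-encoded value quoted in the report, decoded.
const REPORTED_PAYLOAD = decodeURIComponent(
  ">%22%27><img%20src%3d%22javascript:alert('XSS')%22>");

console.log("unsafe:     " + renderSessionDateFieldUnsafe(REPORTED_PAYLOAD));
console.log("hardened:   " + renderSessionDateField(REPORTED_PAYLOAD));
console.log("valid date: " + renderSessionDateField("21-01-2010"));
```

Run with node. The unsafe rendering yields two elements (the hidden input plus the injected img); the hardened one yields a single, empty hidden input, and a well-formed date passes through unchanged. Escaping alone would also neutralise the reported value, which is why it belongs in the template regardless of what validation is done upstream.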
Tags: No tags attached.
Attached Files: none

Relationships
has duplicate: defect 0012035 (closed, shuehner) Cross-site Scripting in Reference_Relation.html
has duplicate: defect 0012036 (closed, shuehner) Cross-site Scripting in SystemInfo_Relation.html
has duplicate: defect 0012037 (closed, shuehner) Cross-site Scripting in User_Relation.html
has duplicate: defect 0012032 (closed, shuehner) Cross-site Scripting in Form_Relation.html
blocks: design defect 0019842 (acknowledged, Triage Platform Base) Review Cross-site Scripting

Notes
(0043092)
shuehner (administrator)
2011-11-22 18:29

Consolidating similar bug-reports into a single one if the source of them is identical (i.e. autogenerated xx_Relation.html files generated from wad)
(0052510)
AugustoMauch (administrator)
2012-09-24 23:39

Effort: 1
Impact: low
Plan: short

Issue History
Date Modified Username Field Change
2010-01-21 18:04 efriese New Issue
2010-01-21 18:04 efriese Assigned To => alostale
2010-01-25 08:15 alostale Status new => scheduled
2010-01-25 08:15 alostale Assigned To alostale => shuehner
2011-11-22 18:29 shuehner Note Added: 0043092
2011-11-22 18:29 shuehner Summary Cross-site Scripting in Message_Relation.html => Cross-site Scripting in the generated xxx_Relation.html files
2011-11-22 18:29 shuehner Description Updated
2011-11-22 18:29 shuehner Steps to Reproduce Updated
2011-11-22 18:30 shuehner Relationship added has duplicate 0012035
2011-11-22 18:31 shuehner Relationship added has duplicate 0012036
2011-11-22 18:31 shuehner Relationship added has duplicate 0012037
2011-11-22 18:31 shuehner Relationship added has duplicate 0012032
2012-02-20 11:11 shuehner Assigned To shuehner => alostale
2012-02-22 15:52 alostale Relationship added blocks 0019842
2012-02-22 15:54 alostale Type defect => design defect
2012-09-24 23:39 AugustoMauch Note Added: 0052510
2012-09-24 23:39 AugustoMauch Priority normal => high
2017-03-31 14:36 alostale Status scheduled => acknowledged
2017-04-10 14:35 alostale Assigned To alostale => platform
2022-02-01 08:08 alostale Assigned To platform => Triage Platform Base

