Project:
View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
ID | |||||||||||
0014856 | |||||||||||
Type | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||||
design defect | [Openbravo ERP] C. Security | major | always | 2010-10-12 01:04 | 2022-02-01 08:08 | ||||||
Reporter | cmlh_id_au | View Status | public | ||||||||
Assigned To | Triage Platform Base | ||||||||||
Priority | high | Resolution | open | Fixed in Version | |||||||
Status | acknowledged | Fix in branch | Fixed in SCM revision | ||||||||
Projection | none | ETA | none | Target Version | |||||||
OS | Linux 32 bit | Database | PostgreSQL | Java version | 1.6.0_18 | ||||||
OS Version | Community Appliance | Database version | 8.3.9 | Ant version | 1.7.1 | ||||||
Product Version | SCM revision | ||||||||||
Review Assigned To | |||||||||||
Web browser | |||||||||||
Modules | Core | ||||||||||
Regression level | |||||||||||
Regression date | |||||||||||
Regression introduced in release | |||||||||||
Regression introduced by commit | |||||||||||
Triggers an Emergency Pack | No | ||||||||||
Summary | 0014856: 0014855: Cross Site Scripting (XSS) - Reflected - ReportShipmentEditionJR.html - "InpDateTo" Parameter | ||||||||||
Description | The value of the "InpDateTo" Parameter is not validated and/or escaped during the HTTP GET Request of /openbravo/utility/ReportShipmentEditionJR.html and hence is vulnerable to Reflected Cross Site Scripting (XSS) | ||||||||||
Steps To Reproduce | 1. Copy and paste the following URL into Firefox after authenticating to http://demo2.openbravo.com: [^] http://demo2.openbravo.com/openbravo/ad_reports/ReportShipmentEditionJR.html?inpDateTo=555-555-0199@example.com%22%3E%3Cimg%20src%3da%20onerror%3dalert%28%27XSS%27%29%3E&Command=&inpBpartnerId_DES=555-555-0199@example.com&inpcProjectId=&inpmWarehouseId=&inpcProjectId_D=555-555-0199@example.com&inpDateFrom=555-555-0199@example.com&inpcBPartnerId= [^] 2. A Javascript Alert Box will display "XSS" as per the attached screenshot. | ||||||||||
Proposed Solution | Validate and escape the value of the "InpDateTo" Parameter on the server side i.e. prior to the Javascript being executed by the web browser. | ||||||||||
Tags | No tags attached. | ||||||||||
Attached Files | Cross_Site_Scripting_(XSS)_-_Reflected_-_ReportShipmentEditionJR.html_-_InpDateTo_Parameter.jpg [^] (87,291 bytes) 2010-10-12 01:04
| ||||||||||
Relationships [ Relation Graph ] [ Dependency Graph ] | ||||||||
|
Notes | |
(0052468) AugustoMauch (administrator) 2012-09-24 23:26 |
Effort: 1 Impact: low Plan: short |
Issue History | |||
Date Modified | Username | Field | Change |
2010-10-12 01:04 | cmlh_id_au | New Issue | |
2010-10-12 01:04 | cmlh_id_au | Assigned To | => alostale |
2010-10-12 01:04 | cmlh_id_au | File Added: Cross_Site_Scripting_(XSS)_-_Reflected_-_ReportShipmentEditionJR.html_-_InpDateTo_Parameter.jpg | |
2010-10-12 01:04 | cmlh_id_au | Issue Monitored: cmlh_id_au | |
2010-10-25 08:56 | alostale | Assigned To | alostale => shuehner |
2010-10-25 08:56 | alostale | Status | new => scheduled |
2012-02-20 11:21 | shuehner | Assigned To | shuehner => alostale |
2012-02-22 15:52 | alostale | Relationship added | blocks 0019842 |
2012-02-22 15:54 | alostale | Type | defect => design defect |
2012-09-24 23:26 | AugustoMauch | Note Added: 0052468 | |
2012-09-24 23:26 | AugustoMauch | Priority | normal => high |
2017-03-31 14:36 | alostale | Status | scheduled => acknowledged |
2017-04-10 14:34 | alostale | Assigned To | alostale => platform |
2022-02-01 08:08 | alostale | Assigned To | platform => Triage Platform Base |
Copyright © 2000 - 2009 MantisBT Group |