oss-sec mailing list archives

Stored XSS vulnerabilities in Flyspray

From: chbi () chbi eu
Date: Sat, 7 Oct 2017 08:56:48 +0200

Hi,

I've discovered two security issues in Flyspray (http://www.flyspray.org/)


A stored XSS vulnerability in Flyspray before 1.0-rc6 allows an
authenticated user to inject JavaScript to gain administrator privileges.

Fix:
https://github.com/Flyspray/flyspray/commit/754ec5d04348ef7ecb8cb02ade976dc412b031f8


A stored XSS vulnerability in Flyspray between 1.0-rc4 and 1.0-rc6
allows an authenticated user to inject JavaScript to gain administrator
privileges and also to execute JavaScript against other users (including
unauthenticated users).

Fix
https://github.com/Flyspray/flyspray/commit/00cfae5661124f9d67ac6733db61b2bfee34dccc


Both issues are fixed in Flyspray 1.0-rc6.

https://github.com/Flyspray/flyspray/releases/tag/v1.0-rc6


I've requested CVE IDs (MITRE).


-- 
chbi
https://chbi.eu

GPG: 3DE9 9187 4BE9 EAE6 3CA8  DC20 BA7B 93F9 9037 AE7E
     https://chbi.eu/chbi.asc

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

Stored XSS vulnerabilities in Flyspray chbi (Oct 07)
- Re: Stored XSS vulnerabilities in Flyspray chbi (Oct 10)