Atlassian JIRA < 3.13.3 DWR 'c0-id' XSS

medium Nessus Plugin ID 36184

Synopsis

The remote web server hosts a web application that is affected by a cross-site scripting (XSS) vulnerability.

Description

The Atlassian JIRA installation hosted on the remote web server is affected by a cross-site scripting (XSS) vulnerability due to a failure to sanitize input to the 'c0-id' parameter during a DWR call.
A remote attacker, using a crafted URL, can exploit this to execute JavaScript in a user's browser.

Note that other issues have been reported with JIRA versions prior to 3.13.3; however, Nessus has not tested for these. Refer to the advisory for more information.

Solution

Upgrade to Atlassian JIRA 3.13.3 or later. Alternatively, apply the appropriate patches referenced in the vendor advisory.

See Also

https://jira.atlassian.com/browse/CONF-11808

https://jira.atlassian.com/browse/JRA-16072

http://www.nessus.org/u?62de9169

Plugin Details

Severity: Medium

ID: 36184

File Name: jira_3_13_3.nasl

Version: 1.22

Type: remote

Published: 4/17/2009

Updated: 6/5/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:atlassian:jira

Required KB Items: installed_sw/Atlassian JIRA

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/2/2009

Vulnerability Publication Date: 4/2/2009

Reference Information

BID: 34342

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

SECUNIA: 34556