Community
Participate
Working Groups
Created attachment 247968 [details] Proof of concept testcase windows, wmware+kubuntu! Eclipse Java EE IDE for Web Developers. Version: Juno Service Release 2 Build id: 20130225-0426 url:(for this testcase, local, at my job) http://127.0.0.1:49835/viewer/frameset?__report=%2Fhome%2Fimie%2FDocuments%2FBIRT%2FRapports%2FSalesInvoice.rptdesign&__format=html&__svg=true&__locale=fr_FR&__timezone=Poland&__masterpage=true&__rtl=false&__cubememsize=10&__resourceFolder=%2Fhome%2Fimie%2FDocuments%2FBIRT%2FRapports&__dpi=96&-1573801155 ------------------------------------ on the "order naumber" you post :(and execute) "'><li onmouseover=alert("xssed")>BHG</li> (cookie an domain runs) ------------------------------ shitty settings: org.eclipse.birt.report.exception.ViewerValidationException for step 2 when you pass with youir mouse over the "BHG" on the error msg, popup javascript appears \o/ ------------------------------------- do you have a bug bounty programm? poc step 1: http://hpics.li/3594ce9 step 2 on attachment ------------------------------------ best regard nicolas francois aka miaouuuux