• Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 2.9.2
    • 2.9
    • None

      http://confluence.atlassian.com/dosearchsite.action?where=conf_all&queryString=%3Cscript%3Ealert('foo');%3C/script%3E

      queryString needs to be escaped.

      This problem is fixed if they turn on Anti-XSS mode. We still need to fix this as anti-xss is not on by default.

              cbroadfoot Chris Broadfoot [Atlassian]
              dave@atlassian.com dave (Inactive)
              Affected customers:
              0 This affects my team
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: