-
Bug
-
Resolution: Fixed
-
High
-
2.10
Use markup:
{contentbylabel:labels=foo|title=<script>alert('Vulnerable')</script>}
The script will be executed when the page is viewed.
[CONFSERVER-15440] XSS vulnerability can be exploited with the contentbylabel macro
Workflow | Original: JAC Bug Workflow v3 [ 2881922 ] | New: CONFSERVER Bug Workflow v4 [ 2977858 ] |
Workflow | Original: JAC Bug Workflow v2 [ 2783275 ] | New: JAC Bug Workflow v3 [ 2881922 ] |
Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
Workflow | Original: JAC Bug Workflow [ 2708787 ] | New: JAC Bug Workflow v2 [ 2783275 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2373633 ] | New: JAC Bug Workflow [ 2708787 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 2258744 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2373633 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2209704 ] | New: Confluence Workflow - Public Facing - Restricted v5 [ 2258744 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2155482 ] | New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2209704 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 1910932 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2155482 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v3 [ 1718264 ] | New: Confluence Workflow - Public Facing - Restricted v5 [ 1910932 ] |
Workflow | Original: CONF Bug Subtask WF (TEMP) [ 1669868 ] | New: Confluence Workflow - Public Facing - Restricted v3 [ 1718264 ] |