Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-8950

XSS vulnerability in app/spaces/listattachmentforspace.action

      Description:
      XSS via the "Filter By File Extension" field in app/spaces/listattachmentforspace.action.

      Exploit:
      blah"><script>alert(document.cookie)</script><x x="

            [CONFSERVER-8950] XSS vulnerability in app/spaces/listattachmentforspace.action

            Katherine Yabut made changes -
            Workflow Original: JAC Bug Workflow v3 [ 2902734 ] New: CONFSERVER Bug Workflow v4 [ 2997386 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow v2 [ 2800395 ] New: JAC Bug Workflow v3 [ 2902734 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow [ 2734022 ] New: JAC Bug Workflow v2 [ 2800395 ]
            Owen made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2399428 ] New: JAC Bug Workflow [ 2734022 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 2297985 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2399428 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2233066 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 2297985 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2193825 ] New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2233066 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 1927648 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2193825 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v3 [ 1728809 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 1927648 ]
            Katherine Yabut made changes -
            Workflow Original: CONF Bug Subtask WF (TEMP) [ 1686116 ] New: Confluence Workflow - Public Facing - Restricted v3 [ 1728809 ]

              sleberrigaud Samuel Le Berrigaud
              b1e07ee35f09 Gergely Hodicska
              Affected customers:
              2 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: