Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-8956

stored XSS vulnerability in app/themes/leftnavigation/configuretheme.action

      Description:
      Stored XSS via page app/themes/leftnavigation/configuretheme.action?key=~<USERNAME>

      Exploit:
      Example value in the Naviagtion Page field: "><script>aletr(document.cookie)</script><x x="

              sleberrigaud Samuel Le Berrigaud
              b1e07ee35f09 Gergely Hodicska
              Affected customers:
              3 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: