[CONFSERVER-11042] XSS vulnerabilities in create space action - Create and track feature requests for Atlassian products.

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Medium
Resolution: Fixed
Affects Version/s: 2.1.5, 2.2.10, 2.3.3, 2.4.5, 2.5.8, 2.6.2, 2.7.2
Fix Version/s: 2.7.3
Component/s: None
Labels:
- affects-server
- security

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

The following URL's are vulnerable:

spaces/createspace-start.action
spaces/createspace.action

on key and name parameters.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

Attachments

createspace.vm
5 kB
12/Mar/2008 12:40 AM

Activity

People

Assignee:: Chris Broadfoot [Atlassian]

Reporter:: Wyatt Crossin

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 12/Mar/2008 12:36 AM

Updated:: 11/Oct/2018 8:38 AM

Resolved:: 12/Mar/2008 11:25 PM