Details
- Bug
- Resolution: Fixed
- Medium
- 2.2.10, 2.3.3, 2.4.5, 2.5.8, 2.6.2, 2.7.2
- None
Description
In 2.7.x, the following URLs are vulnerable:
- /users/insertlink.action
- /users/insertlink-page-attachmentstab.action
- /users/insertlink-page-uploadfile.action
- /users/insertlink-draft-attachmentstab.action
- /users/insertlink-draft-uploadfile.action
- /users/doinsertimageinpage.action
- /users/doinsertimageindraft.action
- /users/insertimageinpage.action
- /users/insertimageindraft.action
The following URLs are vulnerable in 2.6.x and prior:
- /users/insertlink.action
- /users/insertimagelink.action
on the following parameters:
- formname
- fieldname
- draftType
- spaceKey
- currentspace
- destination
- alias
- tooltip
- mode