Uploaded image for project: 'Confluence Server and Data Center'
  1. Confluence Server and Data Center
  2. CONFSERVER-14275

HTTP Header Injection vulnerability: os_destination value not properly escaped when used as redirect location

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Medium
    • Resolution: Fixed
    • None
    • 2.10.2
    • None

    Description

      Issue to track the Seraph security vulnerability, SER-127, and including the fix in Confluence (once it is fixed).

      Attachments

        Activity

          People

            alynch Andrew Lynch (Inactive)
            matt@atlassian.com Matt Ryall
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: