open redirect in flushcache.action


    • 4.3

      A skipfish scan of Confluence found that flushcache.action is vulnerable to 'open redirect', as the redirectUrl seems to end up in the Location HTTP header on a 302 redirect response. Note the token parameter in the

      Here is an example attack using the flaw:
      http://localhost:8080/confluence/admin/flushcache.action?cache=com.atlassian.confluence.locale.requestLang&redirectUrl=XXXX&atl_token=xxx23

              Assignee:
              Petro Semeniuk (Inactive)
              Reporter:
              David Black
              Votes:
              0
              Watchers:
              3

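One way to validate a redirect parameter such as `redirectUrl` before it is copied into the `Location` header, as an added example that is not Confluence's code or its actual fix. The `/confluence` context path comes from the URL in the report; the function name, the fallback target and the sample inputs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed for illustration; neither value comes from Confluence's code.
CONTEXT_PATH = "/confluence"
DEFAULT_TARGET = CONTEXT_PATH + "/"


def safe_redirect_target(redirect_url, context_path=CONTEXT_PATH,
                         default=DEFAULT_TARGET):
    """Return redirect_url only if it stays inside this application,
    otherwise return the fixed default target."""
    if not redirect_url or redirect_url != redirect_url.strip():
        return default
    # Control characters (CR/LF would split the Location header) and
    # backslashes (browsers read "\" as "/") are never valid here.
    if any(ord(c) < 0x20 or c in "\x7f\\" for c in redirect_url):
        return default
    try:
        parts = urlsplit(redirect_url)
    except ValueError:  # e.g. a malformed bracketed host
        return default
    # An absolute URL ("http://host/") or a scheme-relative one
    # ("//host/") names another origin: refuse both.
    if parts.scheme or parts.netloc or redirect_url.startswith("//"):
        return default
    # Only paths under the application's own context path are allowed.
    if not parts.path.startswith(context_path + "/"):
        return default
    # Dot segments could climb out of the context path once resolved.
    if ".." in parts.path.split("/"):
        return default
    return redirect_url


# Constructed sample inputs (not taken from the report).
SAMPLES = [
    "/confluence/admin/example.action?x=1",  # same application: kept
    "http://example.org/",                   # absolute URL
    "//example.org/path",                    # scheme-relative URL
    "/\\example.org",                        # backslash variant
    "/confluence/../other",                  # climbs out of the context
    "/confluence/a\r\nX-Header: 1",          # header splitting attempt
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(repr(value), "->", safe_redirect_target(value))
```
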