Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: 5.1.4
Affects Version/s: 3.5.13, 4.2
Component/s: None
Labels:
- affects-server
- cvss-high
- editor
- loyalty
- security
- verified
- xss
Environment:

CentOS 5.8, JDK 1.6.0_29

CVSS Score:
6.5
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

The

{multimedia} macro in confluence embeds a swf without the 'allowScriptAccess' attribute set to 'none'. This allows the embedded (user submitted) swf to execute arbitrary javascript on the page, constituting an XSS vulnerability. The {multimedia}

tag is bundled in with the base product and not an optional macro, so steps may need to be taken by Atlassian to fix this issue if there isn't a configuration setting anywhere.

This issue was reported by Workday's Security Operations team member Michael Carlson

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

HelloWorld.as
0.3 kB
18/May/2012 8:44 PM
HelloWorld.swf
1 kB
18/May/2012 8:44 PM

Issue Links

mentioned in: Wiki Page Loading...

Activity

People

Assignee:: Chii

Reporter:: David Corley

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 18/May/2012 8:44 PM

Updated:: 11/Oct/2018 8:37 AM

Resolved:: 22/May/2013 2:00 AM