Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-47027

Stored XSS Vulnerability found on Atlassian

XMLWordPrintable

      NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report.

      Hi !
      I am writing this email to let you know of a Stored XSS Vulnerability that i found on atlassian.com .
      You will have the POC as an atachment to this report that i am making.

      Now i will show you in details how i managed to find this vulnerability.
      Firstly I created an account in atlassian.com . When i created my account i set the full name to : "><svg/onload=confirm(document.domain)>;
      Then under my services, i went to https://answers.atlassian.com/
      and when the page fully loaded, the javascript payload that was in my full name was executed and i got the result shown in the attachment image.
      I also uploaded another image as an atachment showing to you the user cookies which you can get by just replacing document.domain with document.cookie on the payload.

      Regards,
      Andi

        1. Atlassian.com XSS.png
          221 kB
          Steve Haffenden
        2. Atlassian XSS POC #2.png
          321 kB
          Steve Haffenden

              Unassigned Unassigned
              3f269006c12d Andy Test
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: