[CONFCLOUD-51825] XSS Vulnerability in wiki markup

Type: Bug
Resolution: Fixed
Priority: Medium
Component/s: Page - Content
Labels:

CVSS Score:
5.5
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Cloud bug fix policy

NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report.

Luke Jahnke of the Australia Post Digital Mailbox Security Team reported to Atlassian an XSS in nesting various markup.

is related to

CONFSERVER-51825 XSS Vulnerability in wiki markup

Closed

Form Name

David Black added a comment - 14/Mar/2017 4:45 AM

CVSS score: 5.5 => Medium severity

Exploitability Metrics

AccessVector	Network
AccessComplexity	Low
Authentication	Single

Impact Metrics

ConfImpact	Partial
IntegImpact	Partial
AvailImpact	None

David Black added a comment - 14/Mar/2017 4:45 AM CVSS score: 5.5 => Medium severity Exploitability Metrics AccessVector Network AccessComplexity Low Authentication Single Impact Metrics ConfImpact Partial IntegImpact Partial AvailImpact None

Assignee:: Unassigned

Reporter:: Luke Jahnke

Affected customers:: 0 This affects my team

Watchers:: 1 Start watching this issue

Created:: 14/Mar/2017 4:40 AM

Updated:: 14/Jul/2020 5:58 AM

Resolved:: 14/Mar/2017 4:45 AM

Details

Description

Attachments

Issue Links

Forms

Activity

Collapse comment: David Black added a comment - 14/Mar/2017 4:45 AM

Expand comment: David Black added a comment - 14/Mar/2017 4:45 AM

People

Dates