Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-79534

Ability to permanently Disable/Remove User List Macro from Confluence

XMLWordPrintable

    • 0
    • 3

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem

      The User List macro can be used for user group enumeration.

      Attackers can exploit this information to, for example, gain insight into the organisation structure, target specific users or groups, or leverage it for further attacks.

      Suggested Solution

      Have an option to permanently Disable/Remove User List Macro from Confluence

      Why This Is Important

      This is a security concern 

      Workaround

      n/a

              Unassigned Unassigned
              fcb47b51ec9b John Li
              Votes:
              3 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: