Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-11042

XSS vulnerabilities in create space action

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 2.7.3
    • 2.1.5, 2.2.10, 2.3.3, 2.4.5, 2.5.8, 2.6.2, 2.7.2
    • None

      The following URL's are vulnerable:

      • spaces/createspace-start.action
      • spaces/createspace.action

      on key and name parameters.

        1. createspace.vm
          5 kB
          Chris Broadfoot [Atlassian]

            [CONFSERVER-11042] XSS vulnerabilities in create space action

            Katherine Yabut made changes -
            Workflow Original: JAC Bug Workflow v3 [ 2876144 ] New: CONFSERVER Bug Workflow v4 [ 2982330 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow v2 [ 2776015 ] New: JAC Bug Workflow v3 [ 2876144 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow [ 2711842 ] New: JAC Bug Workflow v2 [ 2776015 ]
            Owen made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2377307 ] New: JAC Bug Workflow [ 2711842 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 2265795 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2377307 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2213943 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 2265795 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2163293 ] New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2213943 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 1919646 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2163293 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v3 [ 1723803 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 1919646 ]
            Katherine Yabut made changes -
            Workflow Original: CONF Bug Subtask WF (TEMP) [ 1678079 ] New: Confluence Workflow - Public Facing - Restricted v3 [ 1723803 ]

              cbroadfoot Chris Broadfoot [Atlassian]
              a06b3b24deee Wyatt Crossin
              Affected customers:
              0 This affects my team
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: