-
Bug
-
Resolution: Fixed
-
Medium
-
2.10.3
-
None
-
Server: QA-EAC 3.0-m9-r2
OS: Mac OS X 10.5.6
Browser: Safari 3.2.1 (5525.27.1)
A custom message can be used for when no contributors are found, it can be used as a XSS vector: https://qa-eac.atlassian.com/confluence/display/~pdzwart/Contributors+Macro+noneFoundMessage+XSS
Markup
{contributors:noneFoundMessage=<iframe src="http://www.youtube.com/v/60og9gwKh1o&hl=en&fs=1&autoplay=1"></iframe>}
- is cloned from
-
-
- Closed
-
[CONFSERVER-15399] Contributors Macro noneFoundMessage XSS Vector
| Workflow | Original: JAC Bug Workflow v3 [ 2887357 ] | New: CONFSERVER Bug Workflow v4 [ 2999066 ] |
| Workflow | Original: JAC Bug Workflow v2 [ 2795672 ] | New: JAC Bug Workflow v3 [ 2887357 ] |
| Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
| Workflow | Original: JAC Bug Workflow [ 2733626 ] | New: JAC Bug Workflow v2 [ 2795672 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2399016 ] | New: JAC Bug Workflow [ 2733626 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 2297288 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2399016 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2232644 ] | New: Confluence Workflow - Public Facing - Restricted v5 [ 2297288 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2193044 ] | New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2232644 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 1934190 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2193044 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v3 [ 1733748 ] | New: Confluence Workflow - Public Facing - Restricted v5 [ 1934190 ] |
| Workflow | Original: CONF Bug Subtask WF (TEMP) [ 1692276 ] | New: Confluence Workflow - Public Facing - Restricted v3 [ 1733748 ] |