Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-15402

XSS vulnerability can be exploited with the viewppt macro

XMLWordPrintable

      Upload a file test.ppt

      Use markup:

      {viewppt:test.ppt|height=<script>alert("xss")</script>|width=<script>alert("xss")</script>}

      The scripts will be executed when the page is loaded.

              mjensen m@ (Inactive)
              mhrynczak Mark Hrynczak (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: