Confluence Data Center

[CONFSERVER-15754] Jiraissues add icon mapping configuration is susceptible to XSS

    • Type: Bug
    • Resolution: Fixed
    • Priority: High
    • 3.0
    • 2.10
    • None
    • QA-CAC: 3.0-beta2-r3

      Combined with XSRF susceptibility via CONF-15753, you can craft an attack to get elevated privileges in Confluence.

            Owen made changes -
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]

              pcurren Paul Curren
              pdzwart PdZ (Inactive)