Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-16019

XSS vulnerability when moving page between spaces

    XMLWordPrintable

Details

    Description

      You can create a space with HTML in the name. In most places this space name is correctly encoded however in the tree component given when you chose to move a page the destination space is name is not encoded properly.

      To reproduce.
      1) Create a space called <script>alert("Howdy");</script>
      2) Create a page in another space
      3) Move this new page, chosing the previously created space as the destination
      4) You'll get a friendly 'Howdy' alert.

      Because permissions can be set such that any user has space create permission this is a slightly greater problem than it might originally sound.

      Attachments

        1. patch_2.10.x.zip
          6 kB
        2. patch_3.0.zip
          6 kB
        3. screenshot1.png
          screenshot1.png
          49 kB

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-16135 XSS vulnerability in space name when page move would create a duplicate

          • Highest - Our top priority issues
          • Closed

          Activity

            People

              pcurren Paul Curren
              pcurren Paul Curren
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: