-
Bug
-
Resolution: Fixed
-
Medium
-
5.6.3
-
None
-
4
-
This request:
<home>/plugins/recently-updated/changes.action?theme=XXXXXXXX
results in the response:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1412654577325
X-Seraph-LoginReason: OK
X-AUSERNAME: admin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html;charset=UTF-8
Date: Tue, 07 Oct 2014 04:02:57 GMT
Content-Length: 277
<ul>
<li class="update-item update-item-error">XXXXXXXX
no supported.</li>
</ul>
Which in turn renders as a web page. This was an attacker can construct a web page and pretend it has come from Confluence. It is not possible to embed HTML tags.
Also, bad grammar 
Reported by a customer.
- mentioned in
-
Page Loading...
[CONFSERVER-35189] "Recently updated" plugin can be used to reflect arbitrary static content to browser
| Workflow | Original: JAC Bug Workflow v3 [ 2884073 ] | New: CONFSERVER Bug Workflow v4 [ 2979099 ] |
| Workflow | Original: JAC Bug Workflow v2 [ 2787413 ] | New: JAC Bug Workflow v3 [ 2884073 ] |
| Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
| Workflow | Original: JAC Bug Workflow [ 2718338 ] | New: JAC Bug Workflow v2 [ 2787413 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2380443 ] | New: JAC Bug Workflow [ 2718338 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 2271730 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2380443 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2221845 ] | New: Confluence Workflow - Public Facing - Restricted v5 [ 2271730 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2167695 ] | New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2221845 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 1926137 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2167695 ] |
| Workflow | Original: Confluence Workflow - Public Facing - Restricted v3 [ 1735548 ] | New: Confluence Workflow - Public Facing - Restricted v5 [ 1926137 ] |
| Workflow | Original: CONF Bug Subtask WF (TEMP) [ 1692821 ] | New: Confluence Workflow - Public Facing - Restricted v3 [ 1735548 ] |