-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Medium
-
Affects Version/s: 5.6.3
-
Component/s: None
-
4
This request:
<home>/plugins/recently-updated/changes.action?theme=XXXXXXXX
results in the response:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1412654577325
X-Seraph-LoginReason: OK
X-AUSERNAME: admin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html;charset=UTF-8
Date: Tue, 07 Oct 2014 04:02:57 GMT
Content-Length: 277
<ul>
<li class="update-item update-item-error">XXXXXXXX
no supported.</li>
</ul>
Which in turn renders as a web page. This was an attacker can construct a web page and pretend it has come from Confluence. It is not possible to embed HTML tags.
Also, bad grammar 
Reported by a customer.
- mentioned in
-
Page Loading...