Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-47027

Stored XSS Vulnerability found on Atlassian

XMLWordPrintable

      NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

      Hi !
      I am writing this email to let you know of a Stored XSS Vulnerability that i found on atlassian.com .
      You will have the POC as an atachment to this report that i am making.

      Now i will show you in details how i managed to find this vulnerability.
      Firstly I created an account in atlassian.com . When i created my account i set the full name to : "><svg/onload=confirm(document.domain)>;
      Then under my services, i went to https://answers.atlassian.com/
      and when the page fully loaded, the javascript payload that was in my full name was executed and i got the result shown in the attachment image.
      I also uploaded another image as an atachment showing to you the user cookies which you can get by just replacing document.domain with document.cookie on the payload.

      Regards,
      Andi

        1. Atlassian XSS POC #2.png
          321 kB
        2. Atlassian.com XSS.png
          221 kB

              Unassigned Unassigned
              3f269006c12d Andy Test
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: