[CONFSERVER-47042] XSS vulnerabilities in Atlassian Answers

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: None
Affects Version/s: No-Version
Component/s: Apps - Confluence Questions
Labels:

Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

Some users seem to try XSS attack on Atlassian Answers.

How to replicate is the following steps.
Go to the top page https://answers.atlassian.com/.
Chose "Browse", "Users" and "Sort By Username" then a alert dialogue box will appear.

relates to

CONFCLOUD-47042 XSS vulnerabilities in Atlassian Answers

Closed

INTSYS-23426 Failed to load

causes: ADM-40153 Failed to load

Joe Clark added a comment - 26/Jul/2013 3:44 AM

Hi,

Thanks very much for taking the time to report this issue. We've already had this issue reported to us just last week and we are ready to deploy a fix that will solve the problem. I will keep this issue updated with the status of the fix.

Please comment on this issue if you have any concerns or questions.

Kind regards,
Joe Clark
Atlassian

Joe Clark added a comment - 26/Jul/2013 3:44 AM Hi, Thanks very much for taking the time to report this issue. We've already had this issue reported to us just last week and we are ready to deploy a fix that will solve the problem. I will keep this issue updated with the status of the fix. Please comment on this issue if you have any concerns or questions. Kind regards, Joe Clark Atlassian

Assignee:: Joe Clark

Reporter:: Shun Hirayanagi

Affected customers:: 0 This affects my team

Watchers:: 3 Start watching this issue

Created:: 26/Jul/2013 3:05 AM

Updated:: 11/Oct/2018 8:54 AM

Resolved:: 02/Aug/2013 12:12 AM

Details

Description

Attachments

Issue Links

Forms

Activity

Collapse comment: Joe Clark added a comment - 26/Jul/2013 3:44 AM

Expand comment: Joe Clark added a comment - 26/Jul/2013 3:44 AM

People

Dates