[CONFSERVER-47042] XSS vulnerabilities in Atlassian Answers - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: None
Affects Version/s: No-Version
Component/s: Apps - Confluence Questions
Labels:

Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

Some users seem to try XSS attack on Atlassian Answers.

How to replicate is the following steps.
Go to the top page https://answers.atlassian.com/.
Chose "Browse", "Users" and "Sort By Username" then a alert dialogue box will appear.

relates to

CONFCLOUD-47042 XSS vulnerabilities in Atlassian Answers

Closed

INTSYS-23426 Loading...

causes: ADM-40153 Loading...

Assignee:: Joe Clark

Reporter:: Shun Hirayanagi

Affected customers:: 0 This affects my team

Watchers:: 3 Start watching this issue

Created:: 26/Jul/2013 3:05 AM

Updated:: 11/Oct/2018 8:54 AM

Resolved:: 02/Aug/2013 12:12 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates