NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

Luke Jahnke of the Australia Post Digital Mailbox Security Team reported to Atlassian an XSS vulnerability triggered by nesting various markup.


            [CONFSERVER-51825] XSS Vulnerability in wiki markup

            David Black made changes -
            Labels Original: affects-cloud affects-server cvss-medium editor security xss New: advisory advisory-released affects-cloud affects-server cvss-medium editor security xss
            Owen made changes -
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Symptom Severity Original: Major [ 14431 ] New: Severity 2 - Major [ 15831 ]

              Assignee: Unassigned
              Reporter: Luke Jahnke