Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 6.6.1, 6.7.0
Affects Version/s: 6.4.3
Component/s: Content - Attachments
Labels:

Fixed in Long Term Support Release/s:

Download 6.6
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.

relates to

HTTP-3 Content spoofing through the application/mathml+xml content-type in the Mozilla Firefox Browser - CVE-2017-18103

Closed

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Due:: 30/Mar/2018

Created:: 02/Feb/2018 12:12 AM

Updated:: 22/May/2020 8:22 AM

Resolved:: 02/Feb/2018 3:36 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates