Loading...

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 6.4.2
Affects Version/s: 6.4.1
Component/s: Core - Web Resources
Labels:

Symptom Severity:
Severity 2 - Major

Various resources in Atlassian Confluence Server before version 6.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Due:: 30/Mar/2018
Created:: 02/Feb/2018 12:12 AM
Updated:: 11/Oct/2018 8:55 AM
Resolved:: 02/Feb/2018 3:16 AM

Details

Description

Attachments

Forms

Activity

People

Dates