Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-56283

The acceptAnswer resource of Confluence Questions was vulnerable to CSRF - CVE-2018-13394

    XMLWordPrintable

Details

    Description

      The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to make a user accept an answer via a Cross-site request forgery (CSRF) vulnerability.

      Attachments

        Activity

          People

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: