Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-8951

XSS vulnerability in app/spaces/editspace.action

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: High High
    • 2.5.6
    • 2.5.4
    • None

    • Standalone

      Description:
      XSS via the "Name" field in app/spaces/editspace.action.

      Exploit:
      blah"><script>alert(document.cookie)</script><x x="

            [CONFSERVER-8951] XSS vulnerability in app/spaces/editspace.action

            Katherine Yabut made changes -
            Workflow Original: JAC Bug Workflow v3 [ 2877441 ] New: CONFSERVER Bug Workflow v4 [ 2984983 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow v2 [ 2777625 ] New: JAC Bug Workflow v3 [ 2877441 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow [ 2715425 ] New: JAC Bug Workflow v2 [ 2777625 ]
            Owen made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2381414 ] New: JAC Bug Workflow [ 2715425 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 2273515 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2381414 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2217135 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 2273515 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2169883 ] New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2217135 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 1930220 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2169883 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v3 [ 1730635 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 1930220 ]
            Katherine Yabut made changes -
            Workflow Original: CONF Bug Subtask WF (TEMP) [ 1688676 ] New: Confluence Workflow - Public Facing - Restricted v3 [ 1730635 ]

              Unassigned Unassigned
              b1e07ee35f09 Gergely Hodicska
              Affected customers:
              2 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: