Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-8993

Reflected XSS Vulnerability in the Feed Builder

XMLWordPrintable

      Input in the Feed Builder is not properly handled.

      Insert: 

      "><<script>alert('Gotcha!')</script>

      as the feed name (title) and you get url like this:

      http://confluence.atlassian.com/dashboard/doconfigurerssfeed.action?types=page&types=blogpost&types=mail&types=comment&types=attachment&sort=modified&showContent=true&showDiff=true&spaces=conf_global&labelString=&rssType=atom&maxResults=10&timeSpan=5&publicFeed=true&title=%22%3E%3C%3Cscript%3Ealert%28%27Gotcha%21%27%29%3C%2Fscript%3E

      Suggested fix: Escape output of title in

      <link rel="alternate" type="application/atom+xml" title="" href=""/>

      in the 

      /dashboard/doconfigurerssfeed.action

      view

            [CONFSERVER-8993] Reflected XSS Vulnerability in the Feed Builder

            Katherine Yabut made changes -
            Workflow Original: JAC Bug Workflow v3 [ 2900186 ] New: CONFSERVER Bug Workflow v4 [ 2994821 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow v2 [ 2795133 ] New: JAC Bug Workflow v3 [ 2900186 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow [ 2733545 ] New: JAC Bug Workflow v2 [ 2795133 ]
            Owen made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2398925 ] New: JAC Bug Workflow [ 2733545 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 2297098 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2398925 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2232550 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 2297098 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2192828 ] New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2232550 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 1932055 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2192828 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v3 [ 1732065 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 1932055 ]
            Katherine Yabut made changes -
            Workflow Original: CONF Bug Subtask WF (TEMP) [ 1687606 ] New: Confluence Workflow - Public Facing - Restricted v3 [ 1732065 ]

              sleberrigaud Samuel Le Berrigaud
              dchui DavidA
              Affected customers:
              0 This affects my team
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: