[FE-6995] XSS via wiki markup

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 4.5.1, 4.6.0
Affects Version/s: None
Component/s: None
Labels:

Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

Problem

There is was error when rendering nested types of markup. In specially crafted cases, this could be used to create XSS vulnerabilities on pages that render wiki markup.

Affected versions

older than 4.5.1

Fixed versions

4.5.1 and higher
4.6.0 and higher

relates to

CRUC-8162 XSS via wiki markup

Closed

JRASERVER-67108 XSS in various types of nested wiki markup - CVE-2017-18102

Closed

There are no comments yet on this issue.

Assignee:: Unassigned

Reporter:: Marek Parfianowicz

Affected customers:: 0 This affects my team

Watchers:: 2 Start watching this issue

Created:: 18/Jan/2018 10:41 AM

Updated:: 10/Apr/2018 4:27 AM

Resolved:: 18/Jan/2018 10:49 AM

Details

Description

Problem

Affected versions

Fixed versions

Attachments

Issue Links

Forms

Activity

People

Dates