Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 4.1.1, 4.2
Affects Version/s: 3.12, 3.12.1, 3.12.2, 3.12.3, 3.13, 3.13.1, 3.13.2, 3.13.3, 3.13.4, 3.13.5, 4.0, 4.0.1, 4.0.2, 4.1
Component/s: Issue - Attachments
Labels:

Introduced in Version:
3.12
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

The screenshot-redirector.jsp does note escape the 'afterURL' URL parameter correctly, leading to an XSS attack vector.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Andreas Knecht (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 16/Apr/2010 5:06 AM

Updated:: 27/Mar/2019 11:58 PM

Resolved:: 19/Apr/2010 4:15 AM