Latex Plugin-Cross-site Scripting Error

Type atlassian
Reporter jwitcraft
Modified 2018-10-11T08:51:31


Our security group scanned the plugin below and found the following issue for the Latex Plugin:

Number System/Location Defect Type Status R1 Latex Plugin Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies, which may be used to impersonate a legitimate user, allowing the hacker to view or alter user records or gain access to other Single Sign On applications and perform transactions as that user. Refer to the url: