XSS vulnerability can be exploited with the Userlister macro

2009-08-17T01:13:37
ID ATLASSIAN:CONFSERVER-16644
Type atlassian
Reporter mhrynczak
Modified 2017-02-17T05:41:58

Description

Use the following markup:

{noformat}{userlister:groups=<script>alert('Vulerable')</script>}{noformat}

Whenever the page is viewed, the script will be executed.