XSS vulnerability can be exploited with the pagetree macro

2009-08-18T01:18:18
ID ATLASSIAN:CONFSERVER-16651
Type atlassian
Reporter mhrynczak
Modified 2018-10-11T08:56:23

Description

Use the following markup:

{noformat}{pagetree:root=<script>alert('12')</script>}{noformat}

Whenever the page is viewed, the script will be executed.