XSS in reorder panel

Type atlassian
Reporter djohnson@atlassian.com
Modified 2018-10-11T09:09:01


To reproduce:

1. Open a Confluence instance in Firefox.
2. Create a space with key "TEST".
3. Create a page in that space called "<script>alert(0)</script>".
4. Create two pages with the page from step 3 as their parent.
5. Go to:
{code:none}
[base path]/panels/reorderpage.action?panelName=reorder&spaceKey=TEST&title=%3Cscript%3Ealert%280%29%3C/script%3E&movedPageId=0&pageTitle=
{code}

An alert should open. The strings in steps 2 and 3 matter only in that they need to match the URL (any space key or XSS string can be used).

See [reorder-page.vm, line 10|https://stash.atlassian.com/projects/CONF/repos/confluence/browse/confluence-core/confluence-webapp/src/main/webapp/pages/panels/reorder-page.vm?until=cb9f7bac0d77b8777132d704f0a959b35c07723e#10].
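The report points at the template as the place where the title parameter is reflected into the panel markup. The following added example (not Confluence's own code, and not the contents of reorder-page.vm) shows the general pattern behind this class of bug: a request parameter interpolated into HTML as-is beside the same rendering with contextual output encoding, plus a small log check that flags reorderpage.action requests whose title parameters carry HTML tag openers. The function names, the HTML skeleton and the access-log lines are all constructed for illustration; the only values taken from the report are the request path, its query parameters and the payload from the reproduction steps.

```python
"""Added example: unescaped reflection vs. HTML-encoded reflection of a
page-title parameter, and a detector for the request pattern in the report.
All names here are hypothetical; none of this is Confluence code."""
import html
import re
from urllib.parse import parse_qs, unquote, urlsplit

# The title used in the report's reproduction steps.
REPORT_TITLE = "<script>alert(0)</script>"


def render_unsafe(title: str) -> str:
    """Vulnerable pattern: the request's title is dropped into the markup
    unchanged, which is what an unescaped template reference produces."""
    return f'<div class="reorder-panel" data-title="{title}">{title}</div>'


def render_safe(title: str) -> str:
    """Hardened pattern: HTML-encode the value for both the attribute and
    the text context.  quote=True also encodes the quote characters that
    would otherwise let a value break out of the attribute."""
    enc = html.escape(title, quote=True)
    return f'<div class="reorder-panel" data-title="{enc}">{enc}</div>'


def contains_live_script(markup: str) -> bool:
    """True if the rendered markup still contains a raw <script tag."""
    return re.search(r"<script\b", markup, re.IGNORECASE) is not None


# Constructed access-log lines (not real traffic): one request matching the
# report's URL, one benign reorder request, one unrelated page view.
SAMPLE_LOG = """\
10.0.0.5 - - [11/Oct/2018:09:09:01 +0000] "GET /panels/reorderpage.action?panelName=reorder&spaceKey=TEST&title=%3Cscript%3Ealert%280%29%3C/script%3E&movedPageId=0&pageTitle= HTTP/1.1" 200 512
10.0.0.7 - - [11/Oct/2018:09:10:12 +0000] "GET /panels/reorderpage.action?panelName=reorder&spaceKey=TEST&title=Release+Notes&movedPageId=0&pageTitle= HTTP/1.1" 200 498
10.0.0.9 - - [11/Oct/2018:09:11:30 +0000] "GET /display/TEST/Home HTTP/1.1" 200 2048
"""

REQUEST_RE = re.compile(r'"GET (?P<path>\S+) HTTP/')
# A '<' followed by a letter, '/' or '!' is the start of a tag or comment.
MARKUP_RE = re.compile(r"<[a-z/!]", re.IGNORECASE)


def suspicious_reorder_requests(log_text: str) -> list:
    """Return (client_ip, decoded_title) for reorderpage.action requests
    whose title or pageTitle parameter decodes to something containing an
    HTML tag opener.  parse_qs already URL-decodes once; the extra unquote
    catches double-encoded values as well."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group("path"))
        if not parts.path.endswith("/panels/reorderpage.action"):
            continue
        params = parse_qs(parts.query, keep_blank_values=True)
        for key in ("title", "pageTitle"):
            for raw in params.get(key, []):
                decoded = unquote(raw)
                if MARKUP_RE.search(decoded):
                    hits.append((line.split()[0], decoded))
    return hits


if __name__ == "__main__":
    print("unsafe :", render_unsafe(REPORT_TITLE))
    print("safe   :", render_safe(REPORT_TITLE))
    print("flagged:", suspicious_reorder_requests(SAMPLE_LOG))
```

The fix side is the important half: encoding belongs at the point of output, chosen for the context the value lands in (here HTML text and an HTML attribute), rather than input filtering on the title. The log check is a triage aid for finding whether the pattern was exercised before a patched build was deployed, not a substitute for the fix.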