CVE-2017-18085

2018-02-02T14:29:00
ID CVE-2017-18085
Type cve
Reporter cve@mitre.org
Modified 2019-04-26T18:05:00

Description

The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the key parameter.