Lucene search
Atlassian Confluence Error Page XSS Vulnerability
🗓️ 18 Sep 2012 00:00:00Reported by Copyright (C) 2012 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 22 Views
Atlassian Confluence XSS Vulnerability, allows execution of arbitrary script cod
Show more
| Source | Link |
|---|---|
| securityfocus | www.securityfocus.com/bid/55509 |
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:atlassian:confluence";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.103569");
script_version("2023-07-25T05:05:58+0000");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_name("Atlassian Confluence Error Page XSS Vulnerability");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/55509");
script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
script_tag(name:"creation_date", value:"2012-09-18 11:53:40 +0200 (Tue, 18 Sep 2012)");
script_category(ACT_ATTACK);
script_family("Web application abuses");
script_copyright("Copyright (C) 2012 Greenbone AG");
script_dependencies("gb_atlassian_confluence_http_detect.nasl");
script_require_ports("Services/www", 80);
script_mandatory_keys("atlassian/confluence/http/detected");
script_tag(name:"solution", value:"Updates are available. Please see the references for more information.");
script_tag(name:"summary", value:"Atlassian Confluence is prone to a cross-site scripting vulnerability
because it fails to sufficiently sanitize user-supplied data.");
script_tag(name:"impact", value:"An attacker may leverage this issue to execute arbitrary script code
in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker
to steal cookie-based authentication credentials and to launch other attacks.");
script_tag(name:"affected", value:"Atlassian Confluence versions prior to 4.1.9 are vulnerable.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"remote_vul");
exit(0);
}
include("http_func.inc");
include("host_details.inc");
include("http_keepalive.inc");
include("url_func.inc");
if(!port = get_app_port(cpe:CPE, service:"www"))
exit(0);
if(!dir = get_app_location(cpe:CPE, port:port))
exit(0);
if(dir == "/")
dir = "";
js = urlencode(str:'<IFRAME SRC="javascript:alert(/xss-test/)">', unreserved:':=/');
url = dir + '/pages/includes/status-list-mo' + js + '.vm';
if(http_vuln_check(port:port, url:url, pattern:'<IFRAME SRC="javascript:alert\\(/xss-test/\\)">', check_header:TRUE)) {
report = http_report_vuln_url(port:port, url:url);
security_message(port:port, data:report);
exit(0);
}
exit(99);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo18 Sep 2012 00:00Current
6.6Medium risk
Vulners AI Score6.6