Atlassian Confluence XSS Vulnerability

🗓️ 05 Jan 2017 00:00:00Reported by Copyright (C) 2017 Greenbone AGType 
openvas
 openvas

Atlassian Confluence is vulnerable to a persistent (stored) cross-site scripting vulnerability in pages that carry attached files: the attachment file name can later be edited to contain HTML/script, which is then rendered for other users. The scanner check below is version-based (fixed in 5.10.6) and does not exercise the flaw itself.

0day.today
Atlassian Confluence Jira 5.9.12 - Persistent Cross-Site Scripting Vulnerability
4 Jan 201700:00
zdt
CVE
CVE-2016-6283
18 Jan 201722:59
cve
CVE
CVE-2016-4317
10 Apr 201703:59
cve
NVD
CVE-2016-6283
18 Jan 201722:59
nvd
NVD
CVE-2016-4317
10 Apr 201703:59
nvd
Prion
Cross site scripting
18 Jan 201722:59
prion
Prion
Cross site scripting
10 Apr 201703:59
prion
Packet Storm
Atlassian Confluence 5.9.12 Cross Site Scripting
4 Jan 201700:00
packetstorm
Cvelist
CVE-2016-6283
18 Jan 201722:00
cvelist
Cvelist
CVE-2016-4317
10 Apr 201703:00
cvelist
# SPDX-FileCopyrightText: 2017 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

# Product CPE used to look up the port/version recorded by the Confluence
# detection script this plugin depends on (see script_dependencies below).
CPE = "cpe:/a:atlassian:confluence";

# Registration pass: publish the plugin's metadata to the scanner and exit.
# The version check further down only runs in the scan pass.
if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.106492");
  script_version("2023-07-14T16:09:27+0000");
  script_tag(name:"last_modification", value:"2023-07-14 16:09:27 +0000 (Fri, 14 Jul 2023)");
  script_tag(name:"creation_date", value:"2017-01-05 11:09:21 +0700 (Thu, 05 Jan 2017)");
  # CVSS v2 base score/vector, plus the v3 vector taken from NVD (severity_origin).
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2017-01-20 13:58:00 +0000 (Fri, 20 Jan 2017)");

  # Both CVE IDs are treated here as fixed by the same release (5.10.6, see
  # "affected"/"solution"), so one version comparison covers both.
  script_cve_id("CVE-2016-6283", "CVE-2016-4317");

  # remote_banner: the verdict comes solely from the version string collected
  # by the detection script; the XSS is never exercised against the target.
  # Every version below 5.10.6 is reported, so a host that hides or
  # mis-reports its version is missed, and one patched without a version
  # bump is still flagged. Confirm findings against the vendor's fix notes.
  script_tag(name:"qod_type", value:"remote_banner");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Atlassian Confluence XSS Vulnerability");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2017 Greenbone AG");
  script_family("Web application abuses");
  # Port and version are read from the KB entries written by this detection script.
  script_dependencies("gb_atlassian_confluence_http_detect.nasl");
  script_mandatory_keys("atlassian/confluence/detected");

  script_tag(name:"summary", value:"Atlassian Confluence is prone to a cross-site scripting vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  # Wording follows the public exploit write-up referenced below (the only
  # external reference in this script; no vendor advisory is linked).
  script_tag(name:"insight", value:"Atlassian Confluence is vulnerable to a persistent cross-site scripting
  vulnerability because it fails to securely validate user controlled data. The bug occurs at pages carrying attached
  files, even though the attached file name parameter is correctly sanitized upon submission, it is possible for an
  attacker to later edit the attached file name property and supply crafted data (i.e HTML tags and script code)
  without the occurrence of any security checks, resulting in an exploitable persistent XSS.");

  script_tag(name:"affected", value:"Atlassian Confluence before version 5.10.6.");

  script_tag(name:"solution", value:"Update to 5.10.6 or later versions.");

  script_xref(name:"URL", value:"https://www.exploit-db.com/exploits/40989/");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

# Scan pass: compare the detected Confluence version against the fixed
# release and report when it is older. Nothing is sent to the target here;
# the port/version come from the KB entries of the detection script.
fixed = "5.10.6";

port = get_app_port(cpe: CPE);
if (isnull(port))
  exit(0);

version = get_app_version(cpe: CPE, port: port);
if (!version)
  exit(0);

# Not below the fixed version: nothing to report (99 = "not vulnerable").
if (!version_is_less(version: version, test_version: fixed))
  exit(99);

report = report_fixed_ver(installed_version: version, fixed_version: fixed);
security_message(port: port, data: report);
exit(0);

05 Jan 2017 00:00Current
5.4Medium risk
Vulners AI Score5.4
EPSS0.004