12 matches found
Reflected XSS in the pageId request parameter in 500page.jsp
A scanner picked up that the pageId parameter in 500page.jsp is a potentially reflected XSS bug. This can be exploited through a URL like the following: https://example.com/pages/viewtrash.vm;editpage?pageId=%22%3E%3Cscript%3Ealert1%3C/script%3E code /images/icons/emoticons/warning.png" You can...
Reflected XSS in the pageId request parameter in 500page.jsp
A scanner picked up that the pageId parameter in 500page.jsp is a potentially reflected XSS bug. This can be exploited through a URL like the following: https://example.com/pages/viewtrash.vm;editpage?pageId=%22%3E%3Cscript%3Ealert1%3C/script%3E code /images/icons/emoticons/warning.png" You can...
Reflected XSS in the pageId request parameter in 500page.jsp
A scanner picked up that the pageId parameter in 500page.jsp is a potentially reflected XSS bug. This can be exploited through a URL like the following: https://example.com/pages/viewtrash.vm;editpage?pageId=%22%3E%3Cscript%3Ealert1%3C/script%3E code /images/icons/emoticons/warning.png" You can...
500page.jsp Improvements
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFCLOUD-19601. Some further improvements to the 500page.jsp: The following should not appear if there is no stack trace: Cau...
Atlassian JIRA 500page.jsp Referer XSS
"The Atlassian JIRA installation hosted on the remote web server is affected by a cross-site scripting (XSS) vulnerability in the 500page.jsp file due to an HTTP 'referer' field not being properly sanitized before being displayed in the page. A remote attacker can exploit this, by tricking a user...
500page.jsp contains HTTP Header XSS vulnerability
The 500page.jsp contains an XSS vulnerability via the 'Referrer' HTTP header...
500page.jsp contains HTTP Header XSS vulnerability
The 500page.jsp contains an XSS vulnerability via the 'Referrer' HTTP header...
500page.jsp contains HTTP Header XSS vulnerability
The 500page.jsp contains an XSS vulnerability via the 'Referrer' HTTP header...
CVE-2007-6617
Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 allows remote attackers to inject arbitrary web script or HTML, which is not properly handled when generating error messages, as demonstrated by input originally sent in the URI to secure/CreateIssue...
CVE-2007-6617
Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 allows remote attackers to inject arbitrary web script or HTML, which is not properly handled when generating error messages, as demonstrated by input originally sent in the URI to secure/CreateIssue...
Atlassian JIRA 500page.jsp XSS
The Atlassian JIRA installation hosted on the remote web server is affected by a cross-site scripting (XSS) vulnerability due to a failure to properly sanitize user-supplied error messages before being passed to the 500page.jsp script. A remote attacker, using a crafted URL, can exploit this to...
Cross-site scripting vulnerability in 500page.jsp
The test successfully embedded a script in the response, which will be executed once the page is loaded in the user's browser. This means that the application is vulnerable to the Cross-Site Scripting attack. The file 500page.jsp should escape the attributes and parameters to prevent code...