2 matches found
Persistent Cross Site Scripting Flaw in User Profiles
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-46664. panel A persistent cross site scripting flaw exists in user profiles when the user updates his/her Homepage URL from the...
Persistent Cross Site Scripting Flaw in User Profiles
A persistent cross site scripting flaw exists in user profiles when the user updates his/her Homepage URL from the Atlassian ID system to contain an XSS vector which executes when inserted as a link, and clicked on by the victim. 1. Visit https://id.atlassian.com/profile/ 2. Update your Homepage...