3 matches found
[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability
------------------------------- INTREST SEC | Security Advisory ------------------------------- Product: Confluence Wiki Vendor: Atlassian www.atlassian.com Vulnerability Type: Cross Site Scripting XSS Risk Level: High classified by vendor Discovered by: INTREST SEC - NID Public Diclosure:...
Security Issue: XSS in wiki exception error page
The confluence wiki does contain a XSS possibility in the exception error page. The user input string is NOT output encoded at following lines: a - - Query String: url=alertdocument.cookie b - javax.servlet.forward.querystring : url=alertdocument.cookie c - atlassian.core.seraph.original.url :...
Security Issue: XSS in wiki exception error page
The confluence wiki does contain a XSS possibility in the exception error page. The user input string is NOT output encoded at following lines: a - - Query String: url=alertdocument.cookie b - javax.servlet.forward.querystring : url=alertdocument.cookie c - atlassian.core.seraph.original.url :...