Contributors Summary Macro Shows Data to Anonymous Users

h2. Steps to reproduce In Global Permission, ensure Anonymous users "Can Use" Confluence Create new Space , eg: SpaceA Go To Space Tools Permissions Edit Permission Ensure Anonymous Users has "View" Permission Create a few test pages in SpaceA Then, create a page containing both Contributors Macr...

Contributors Summary Macro Shows Data to Anonymous Users

h2. Steps to reproduce In Global Permission, ensure Anonymous users "Can Use" Confluence Create new Space , eg: SpaceA Go To Space Tools Permissions Edit Permission Ensure Anonymous Users has "View" Permission Create a few test pages in SpaceA Then, create a page containing both Contributors Macr...

XSS vulnerability in Contributors macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence \contributors macro. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An...