5 matches found
Atlassian Confluence < 6.6.1 viewdefaultdecorator Reflected XSS (CVE-2017-18085)
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.6.1. It is, therefore, affected by a reflected cross-site scripting vulnerability in the viewdefaultdecorator resource. Note that Nessus has not tested for this issue but h...
CVE-2017-18085
The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the key parameter...
CVE-2017-18085
CVE-2017-18085 affects Atlassian Confluence Server prior to version 6.6.1, with a reflected XSS in the viewdefaultdecorator resource via the key parameter. Proof-of-impact details: arbitrary HTML/JavaScript can be injected. Affected products and versions are supported by multiple connected source...
XSS in the viewdefaultdecorator resource through the key parameter - CVE-2017-18085
The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the key parameter...
XSS in the viewdefaultdecorator resource through the key parameter - CVE-2017-18085
The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the key parameter...