3 matches found
Atlassian Confluence < 6.4.2 issuesURL Parameter Reflected XSS (CVE-2017-18086)
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.4.2. It is, therefore, affected by a reflected cross-site scripting vulnerability in multiple resources that use the issuesURL parameter. Note that Nessus has not tested fo...
CVE-2017-18086
CVE-2017-18086 affects Atlassian Confluence Server prior to 6.4.2, where the issuesURL parameter can be exploited to inject arbitrary HTML/JavaScript via a reflected XSS vulnerability. Public sources (NVD/Nessus/CNVD) describe the issue as a reflected XSS in multiple resources using the issuesURL...
XSS in various resources in the issuesURL parameter - CVE-2017-18086
Various resources in Atlassian Confluence Server before version 6.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the issuesURL parameter...