Lucene search
+L

5 matches found

Atlassian
Atlassian
added 2013/10/01 10:54 a.m.24 views

Reflected cross-site scripting (XSS) in dosearchsite action

The dosearchsite action is vulnerable to reflected cross-site scripting XSS via the searchQuery.spaceKey parameter. This vulnerability appears to be very similar to issue CONF-30318 and fixes implemented in response to that issue may fix this vulnerability. If the URL below is visited by an...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2013/10/01 10:54 a.m.39 views

Reflected cross-site scripting (XSS) in dosearchsite action

The dosearchsite action is vulnerable to reflected cross-site scripting XSS via the searchQuery.spaceKey parameter. This vulnerability appears to be very similar to issue CONF-30318 and fixes implemented in response to that issue may fix this vulnerability. If the URL below is visited by an...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/08/09 4:40 a.m.26 views

Reflected XSS in 'where' param of doSearchSite

Olivier Beg reported quote noformathttps://confluence.atlassian.com/dosearchsite.action?queryString=%22%3E&startIndex=0&lastModified=LASTWEEK&where=confall%22%3E%3Cimg%20src=x%20onerror=alert1%3Enoformat I asume he is DOM based because he works in google chrome. quote This results in code:html co...

1.4AI score
Exploits0
Atlassian
Atlassian
added 2013/08/09 4:40 a.m.28 views

Reflected XSS in 'where' param of doSearchSite

Olivier Beg reported quote noformathttps://confluence.atlassian.com/dosearchsite.action?queryString=%22%3E&startIndex=0&lastModified=LASTWEEK&where=confall%22%3E%3Cimg%20src=x%20onerror=alert1%3Enoformat I asume he is DOM based because he works in google chrome. quote This results in code:html co...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/08/09 4:40 a.m.20 views

Reflected XSS in 'where' param of doSearchSite

Olivier Beg reported quote noformathttps://confluence.atlassian.com/dosearchsite.action?queryString=%22%3E&startIndex=0&lastModified=LASTWEEK&where=confall%22%3E%3Cimg%20src=x%20onerror=alert1%3Enoformat I asume he is DOM based because he works in google chrome. quote This results in code:html co...

1.4AI score
Exploits0Affected Software1
Rows per page
Query Builder