Atlassian Confluence 6.2.4 < 6.4.0 Editinword Resource Cross-Site Scripting

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to version 6.4.0. It is, therefore, affected by a flaw in the editinword resource which may permit remote attackers to inject arbitrary HTML or JavaScript via a cross site...

Atlassian Confluence Server Cross-Site Scripting Vulnerability

Atlassian Confluence Server is a suite of professional enterprise knowledge management and collaboration software from Atlassian Australia, which can also be used to build an enterprise WiKi. the software enables collaboration and knowledge sharing among team members. A cross-site scripting...

CVE-2017-18083

The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the contents of an uploaded file...

Cross site scripting

The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the contents of an uploaded file...

XSS in the editinword resource through the contents of an uploaded file - CVE-2017-18083

The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the contents of an uploaded file...