
Confluence Community Security Advisory 2006-01-19

This security advisory is not endorsed by Atlassian; it is a public service advisory from a member of the Confluence community. Please remember to back up any files you modify, and use these instructions at your own risk. The information is based on Confluence v2.1.2, but it may also apply to older affected versions of Confluence.

The official security advisory is located at Confluence Security Advisory 2006-01-20


Problem

The Full Name field of a user profile is written into pages without HTML escaping, so a user who puts markup or script in their full name can inject it into any page that displays that name (a stored XSS).

Solution

The cause is the unescaped output of the full name; wrapping each such output in $generalUtil.htmlEncode() resolves it. The vast majority of the problem can be fixed by changing /confluence/template/includes/macros.vm in the distribution at the following lines (line numbers are for v2.1.2):

  • 180
  • 186
  • 200
  • 340
  • 893

I have attached the modified macros.vm file here which you can copy into your distribution.
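As an added illustration (this is not code from the advisory or from Confluence), the following Python mimics a Velocity macro that prints a user's full name, once emitted raw as the advisory describes and once wrapped in an htmlEncode() call as the fix does. The html_encode() helper is assumed to behave like $generalUtil.htmlEncode() for the characters that matter here (&, <, >, " and '); the profile names and the /profile/ URL are constructed test data, not Confluence's own.

```python
"""Added example: encoding the Full Name field at output time.

Illustrative Python, not Confluence's own code. PROFILES holds constructed
sample data; html_encode() is assumed to match $generalUtil.htmlEncode()
for HTML-significant characters.
"""
import html

# Constructed sample profiles. "mallory" carries a stored-XSS payload in the
# Full Name; "trudy" carries one that breaks out of a quoted attribute.
PROFILES = {
    "alice": "Alice Example",
    "mallory": "<script>alert(document.cookie)</script>",
    "trudy": '" onmouseover="alert(1)',
}


def html_encode(value: str) -> str:
    """Assumed equivalent of $generalUtil.htmlEncode(): escape & < > \" and '."""
    return html.escape(value, quote=True)


def render_vulnerable(username: str) -> str:
    """Macro before the fix: the full name is interpolated unescaped
    into both an attribute value and the element body."""
    full_name = PROFILES[username]
    return f'<a href="/profile/{username}" title="{full_name}">{full_name}</a>'


def render_fixed(username: str) -> str:
    """Same macro with every interpolation wrapped in html_encode()."""
    full_name = html_encode(PROFILES[username])
    return f'<a href="/profile/{html_encode(username)}" title="{full_name}">{full_name}</a>'


def user_controlled_markup(rendered: str) -> bool:
    """Crude check tied to this template: the macro itself emits exactly
    two '<' (the <a> and </a>) and four '"' (two quoted attributes).
    Any extra means the full name added a tag or escaped the attribute."""
    return rendered.count("<") != 2 or rendered.count('"') != 4


if __name__ == "__main__":
    for name in PROFILES:
        print(name, "vulnerable:", user_controlled_markup(render_vulnerable(name)))
        print(name, "fixed:     ", user_controlled_markup(render_fixed(name)))
        print(render_fixed(name))
```

The point of the check is that the encoding has to be applied at every place the name is output, which is why the fix touches several lines of macros.vm rather than the profile form. htmlEncode() is the right encoder for HTML body text and double-quoted attribute values; a name written into a JavaScript string or a URL would need a different encoder for that context.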

Scope

There are other affected places which Atlassian have been made aware of; a complete resolution should be provided by Atlassian in their own official advisory. Note also that a hand-edited macros.vm will be overwritten by the next Confluence upgrade, so re-check the template after upgrading.

I hope this helps some of you!

Labels: xss, confluence20, security-advisory
  1. Jan 19, 2006

    David Loeng says:

    Fixed in 2.1.3. Thanks for submitting this Dan.

    Cheers,
    Dave
