Confluence Security Advisory 2006-01-20
Confluence Security Overview and Advisories
- Confluence Community Security Advisory 2006-01-19
- Confluence Security Advisory 2005-02-09
- Confluence Security Advisory 2005-12-05
- Confluence Security Advisory 2006-01-20
- Confluence Security Advisory 2006-01-23
- Confluence Security Advisory 2006-06-14
- Confluence Security Advisory 2007-07-26
- Confluence Security Advisory 2007-08-08
- Confluence Security Advisory 2007-11-19
- Confluence Security Advisory 2007-11-27
- Confluence Security Advisory 2007-12-14
- Confluence Security Advisory 2008-01-24
- Confluence Security Advisory 2008-03-06
- Confluence Security Advisory 2008-03-19
- Confluence Security Advisory 2008-05-21
- Confluence Security Advisory 2008-07-03
- Confluence Security Advisory 2008-09-08
- Confluence Security Advisory 2008-10-14
- Confluence Security Advisory 2008-12-03
- Confluence Security Advisory 2009-01-07
- Confluence Security Advisory 2009-02-18
- Confluence Security Advisory 2009-04-15
- Confluence Security Advisory 2009-06-01
- Confluence Security Advisory 2009-06-16
- Confluence Security Advisory 2009-08-20
- Confluence Security Advisory 2009-10-06
- Confluence Security Advisory 2009-12-08
- Confluence Security Advisory 2010-05-04
- Confluence Security Advisory 2010-06-02
- Confluence Security Advisory 2010-07-06
- Confluence Security Advisory 2010-08-17
- Confluence Security Advisory 2010-09-21
- Confluence Security Advisory 2010-10-12
- Confluence Security Advisory 2010-11-15
- Confluence Security Advisory 2011-01-18
- Confluence Security Advisory 2011-03-24
- Confluence Security Advisory 2011-05-31
- Confluence Security Advisory 2012-05-17
- Confluence Security Advisory 2012-09-04
- Confluence Security Advisory 2012-09-11
- Confluence Security Advisory 2013-08-05
- Confluence Security Advisory 2014-02-26
- Confluence Security Advisory 2014-05-21
- Confluence Security Advisory - 2015-01-21
- Confluence Security Advisory - 2016-09-21
- Confluence Security Advisory - 2017-04-19
- Confluence Security Advisory - 2019-03-20
- Confluence Security Advisory - 2019-04-17
- Confluence Security Advisory - 2019-08-28
- Confluence Security Advisory - 2019-12-18
- Confluence Security Advisory - 2021-08-25
- Multiple Products Security Advisory - Unrendered unicode bidirectional override characters - CVE-2021-42574 - 2021-11-01
- Multiple Products Security Advisory - Hazelcast Vulnerable To Remote Code Execution - CVE-2016-10750
- Confluence Security Advisory 2022-06-02
- Questions For Confluence Security Advisory 2022-07-20
On this page
Related content
- Javascript Error when accessing Issues link in Project Navigation after Upgrade
- JVM Segfault (SIGSEGV) After Plugin Initialisation
- SIGSEGV Segmentation Fault JVM Crash
- Uncaught QuotaExceededError displays in browser using Jira server
- Character Encoding Issues when using JASIG CAS Authenticator
- JIRA Agile error during page load - curl already exists
- How to fetch the Team name from the comments by using Regex
- JIRA Agile is currently unavailable error when Restoring the JIRA Cloud backup to JIRA 6.4.5 with JIRA Agile 6.7.4
- Error "Field with id' xxx' and name 'Team' does not support operation 'add' Supported operation(s) are: 'set'" on Jira Align Connector
- Configure the look and feel of Jira applications
A flaw has been found in Confluence by which attackers to inject malicious HTML code into Confluence. Atlassian STRONGLY recommends that all Confluence customers apply the fix described below immediately, or upgrade to Confluence 2.1.3.
Vulnerability
By entering HTML/JavaScript code into the full name of a user's profile, attackers can cause arbitrary scripting code to be executed by the user's browser in the security context of the Confluence instance.
This flaw affects all versions of Confluence between 1.4-DR releases and 2.1.2.
This issue was initally reported by Ricardo Sueiras and a fix was quickly documented by Dan Hardiker at the Confluence Community Security Advisory 2006-01-19 page. Our thanks to them for bringing this to our attention.
There is an issue in JIRA at CONF-5233.
Fix
This vulnerability is fixed in Confluence 2.1.3 and later. Customers who do not wish to migrate to 2.1.3 can fix this bug using the procedure below:
Steps to fix:
- Copy macros.vm to your confluence/template/includes folder
- Restart Confluence
Note: If you are using version 1.4.4, please download and copy this file instead. You will need to rename it back to macros.vm
.
If you are not using any of the above versions, you will need to replace wrap calls to display full names of users in $generalUtil.htmlEncode(). Alternatively, send us an email. We do however encourage you to use the latest stable point release regardless of the version you are using.
Related content
- Javascript Error when accessing Issues link in Project Navigation after Upgrade
- JVM Segfault (SIGSEGV) After Plugin Initialisation
- SIGSEGV Segmentation Fault JVM Crash
- Uncaught QuotaExceededError displays in browser using Jira server
- Character Encoding Issues when using JASIG CAS Authenticator
- JIRA Agile error during page load - curl already exists
- How to fetch the Team name from the comments by using Regex
- JIRA Agile is currently unavailable error when Restoring the JIRA Cloud backup to JIRA 6.4.5 with JIRA Agile 6.7.4
- Error "Field with id' xxx' and name 'Team' does not support operation 'add' Supported operation(s) are: 'set'" on Jira Align Connector
- Configure the look and feel of Jira applications