Confluence Security Advisory 2008-07-03
In this advisory:
XSS Vulnerability in Various Confluence Actions
Atlassian rates these vulnerabilities as high, according to the scale published in Confluence Security. The scale allows us to rank a vulnerability as critical, high, moderate or low.
- The hacker might take advantage of the flaw to steal other users' session cookies or other credentials, by sending the credentials back to the hacker's own web server.
- The hacker's text and script might be displayed to other people viewing the Confluence page. This is potentially damaging to your company's reputation.
You can read more about XSS attacks at cgisecurity, CERT and other places on the web.
If you judge it necessary, you can disable public access (e.g. anonymous access and public signup) to your wiki until you have applied the necessary patch or upgrade. For even tighter control, you could restrict access to trusted groups only.
For more details please refer to the related JIRA issue, also shown in the table below.
Affected Confluence Versions
Create, edit or copy a page or news item
2.8.0 and 2.8.1
Page picker and space picker
2.2.0 to 2.8.1 inclusive
These issues have been fixed in Confluence 2.8.2 (see the release notes), which you can download from the download centre.
Alternatively, you can download and install the patches provided on our JIRA site. For more information, please refer to the specific JIRA issues shown in the table of vulnerabilities above.
Our thanks to James Rinker who reported some of the vulnerabilities listed above. We fully support the reporting of vulnerabilities and we appreciate his working with us towards identifying and solving the problem.
Was this helpful?Yes Provide feedback about this article