Confluence Docs 2.10 : Confluence Security Advisory 2008-03-19
This page last changed on Sep 29, 2008 by smaddox.
In this advisory: Error formatting macro: toc: java.lang.NullPointerException
XSS Vulnerabilities in Various Confluence ActionsSeverityAtlassian rates these vulnerabilities as high, according to the scale published in Confluence Security. The scale allows us to rank a vulnerability as critical, high, moderate or low. Risk AssessmentWe have identified and fixed a number of security flaws which may affect Confluence instances in a public environment. The flaws are all XSS (cross-site scripting) vulnerabilities in various Confluence actions. Each vulnerability potentially allows a malicious user (hacker) to embed their own JavaScript into a Confluence page.
To fix the vulnerabilities described below, Atlassian recommends that you take one of the following steps:
You can read more about XSS attacks at cgisecurity, CERT and other places on the web. Risk MitigationIf you judge it necessary, you can disable public access (e.g. anonymous access and public signon) to your wiki until you have applied the necessary patch or upgrade. For even tighter control, you could restrict access to trusted groups only. VulnerabilityA hacker can inject their own JavaScript into the Confluence actions listed in the table below. Each of the actions is invoked when a user performs a specific function in Confluence, such as clicking a link or a button. The actions can also be invoked by simply entering the URL into the browser address bar. For more details please refer to the related JIRA issue, also shown in the table below.
FixThese issues have been fixed in Confluence 2.7.3 (see the release notes), which you can download from the download centre. Patches are available for Confluence 2.6.x. For more information, please refer to the specific JIRA issues shown in the table of vulnerabilities above. Our thanks to the people who reported some of the vulnerabilities listed above. We fully support the reporting of vulnerabilities and we appreciate their working with us towards identifying and solving the problem. |
![]() |
Document generated by Confluence on Dec 03, 2008 15:04 |