CVE-2016-4317

Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
Configurations

Configuration 1 (hide)

cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:51

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/97513 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/97513 - Third Party Advisory, VDB Entry
References () https://confluence.atlassian.com/doc/confluence-5-9-11-release-notes-827123763.html - () https://confluence.atlassian.com/doc/confluence-5-9-11-release-notes-827123763.html -
References () https://jira.atlassian.com/browse/CONF-42713 - () https://jira.atlassian.com/browse/CONF-42713 -
References () https://jira.atlassian.com/browse/CONFSERVER-42713 - Issue Tracking () https://jira.atlassian.com/browse/CONFSERVER-42713 - Issue Tracking

Information

Published : 2017-04-10 03:59

Updated : 2024-11-21 02:51


NVD link : CVE-2016-4317

Mitre link : CVE-2016-4317

CVE.ORG link : CVE-2016-4317


JSON object : View

Products Affected

atlassian

  • confluence
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')