[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software

To: fulldisclosure@xxxxxxxxxxxx
Subject: Re: [FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software
From: Moritz Naumann <moritz.naumann@xxxxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 4 Jan 2017 12:57:15 +0100

Hi Jodson,

Am 03.01.2017 um 19:50 schrieb jlss:
> =====[ Tempest Security Intelligence - ADV-3/2016 CVE-2016-6283
> ]==============
>
>   Persisted Cross-Site Scripting (XSS) in Confluence Jira Software
>   ----------------------------------------------------------------
>
your advisory mentions both Confluence and JIRA, which, as far as I
know, are separate Atalssian products.

Are both affected?

Thanks for clarifying,

Moritz

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Follow-Ups:
- Re: [FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software
  - From: jlss

References:
- [FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software
  - From: jlss

Prev by Date: [FD] Executable installers are vulnerable^WEVIL (case 45): ReadPDF's installers allow escalation of privilege
Next by Date: [FD] Stop User Enumeration does not stop user enumeration (WordPress plugin)
Previous by thread: [FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software
Next by thread: Re: [FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software
Index(es):
- Date
- Thread