Atlassian Confluence 2.x >= 2.7 / 3.x < 3.4.9 Multiple XSS

Severity: Low. Nessus Plugin ID: 53576

Synopsis

The remote web application is affected by multiple cross-site scripting vulnerabilities.

Description

According to its self-reported version number, the instance of Atlassian Confluence on the remote host is a 2.x version that is 2.7 or later, or else version 3.x prior to 3.4.9. It is, therefore, affected by multiple cross-site scripting vulnerabilities.

Errors in the validation of input data to certain macros allow unfiltered data to be returned to a user's browser. The affected components are the Include Page macro, the Activity Stream macro, the action links of attachment lists, and the Table of Contents macro.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Confluence version 3.4.9 or later, or apply the appropriate vendor patch.

See Also

http://www.nessus.org/u?19aa48fd

https://jira.atlassian.com/browse/CONF-21604

https://jira.atlassian.com/browse/CONF-21606

https://jira.atlassian.com/browse/CONF-21766

https://jira.atlassian.com/browse/CONF-21819

Plugin Details

Severity: Low

ID: 53576

File Name: confluence_3_4_9.nasl

Version: 1.15

Type: remote

Published: 4/28/2011

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 2.9

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:atlassian:confluence

Required KB Items: Settings/ParanoidReport, www/confluence

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/16/2011

Vulnerability Publication Date: 1/10/2011

Reference Information

BID: 47398

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

SECUNIA: 44194, 44204