XSS vulnerability resolved 

A cross-site scripting (XSS) vulnerability is identified and resolved. Affected versions are RefinedWiki Mobile Interface 3.0 - 3.0.2. We recommend you to upgrade to version 3.0.3 or later. 

 

Risk Assessment

The cross-site scripting (XSS) vulnerability affect Confluence instances, including publicly available instances (that is, internet-facing servers), if the attacker is allowed to edit pages. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at cgisecurity.com (http://www.cgisecurity.com/articles/xss-faq.shtml)

Confluence Data Center ready

RefinedWiki Mobile Interface is now Confluence Data Center Ready. 

Support for Confluence 5.6

  • No labels