Confluence Security Advisory 2007-08-08
In this advisory:
Input in the RSS Feed Builder is not validated
Vulnerability
The input for the RSS Feed Builder is not required to be escaped. This can make a Confluence instance vulnerable to an XSS attack.
Fix
This issue has been fixed in Confluence 2.5.6. For more information, please see CONF-8993.
Atlassian recommends that you upgrade to Confluence 2.5.6.
Input when editing Space Permissions is not validated
Vulnerability
The 'Grant permission to' field on the 'Edit Space Permissions' screen is not validated. This can make a Confluence instance vulnerable to an XSS or DoS attack.
Fix
This issue has been fixed in Confluence 2.5.6. For more information, please see CONF-8980 and CONF-8979.
Atlassian recommends that you upgrade to Confluence 2.5.6.
Number of labels that can be added to a page is not restricted
Vulnerability
There is no restriction on the number of labels that can be added to a page at a time. This can make a Confluence instance vulnerable to a DoS attack.
Fix
This issue has been fixed in Confluence 2.5.6. For more information, please see CONF-8978.
Atlassian recommends that you upgrade to Confluence 2.5.6.
Input when editing navigation themes is not validated
Vulnerability
The 'Navigation Page' specified in the 'Left Navigation Theme' configuration is not validated. This can make a Confluence instance vulnerable to a XSS attack.
Fix
This issue has been fixed in Confluence 2.5.6. For more information, please see CONF-8956.
Atlassian recommends that you upgrade to Confluence 2.5.6.
Viewing of space content alphabetically is not validated
Vulnerability
When viewing space content by alphabetic character, the input is not validated as being alphabetic. This can make a Confluence instance vulnerable to an XSS attack.
Fix
This issue has been fixed in Confluence 2.5.6. For more information, please see CONF-8952.
Atlassian recommends that you upgrade to Confluence 2.5.6.
Input when editing Space Name is not validated
Vulnerability
The 'Name' field on the 'Edit Space Details' screen is not validated. This can make a Confluence instance vulnerable to an XSS attack.
Fix
This issue has been fixed in Confluence 2.5.6. For more information, please see CONF-8951.
Atlassian recommends that you upgrade to Confluence 2.5.6.
Input when viewing attachments by file-type is not validated
Vulnerability
The 'Filter By Extension' field on the 'List Space Attachments' screen is not validated. This can make a Confluence instance vulnerable to an XSS attack.
Fix
This issue has been fixed in Confluence 2.5.6. For more information, please see CONF-8950.
Atlassian recommends that you upgrade to Confluence 2.5.6.