Description
Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2023-22049 Vulnerability (CVE-2023-22049)
phpMyAdmin Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2020-22278)
WordPress Plugin WP Post to PDF Enhanced Cross-Site Scripting (1.0.5)
WordPress Plugin Breezing Forms Cross-Site Scripting (1.2.7.33)
WordPress Plugin Social Media Share Buttons & Social Sharing Icons Cross-Site Scripting (2.1.7)