Description
Various resources in Atlassian Confluence Server before version 6.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.
Remediation
References
Related Vulnerabilities
MySQL Numeric Errors Vulnerability (CVE-2007-2583)
WordPress Plugin Fast Secure Contact Form Cross-Site Scripting (4.0.37)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.15)
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2022-2048)
WordPress Plugin Contact Form 7-PayPal Add-on Cross-Site Request Forgery (1.3.4)