Uploaded image for project: 'Community Forums Development'
  1. Community Forums Development
  2. FORUMS-111

Vulnerability and Patch - Community Forums 2.26.4

    Details

    • Type: Bug
    • Status: Done (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.26.4
    • Labels:

      Description

      Description

      A security vulnerability in Community Forums for Confluence has been discovered. The vulnerability is classified as high according to Atlassian's security severity levels and only affects Forums menu. We strongly recommend customers update to version 2.26.4 or later of Community Forums as soon as possible.

      About the vulnerability 

      The vulnerability affects the Forums Menu on all versions after Community Forums for Confluence after version 2.4. The vulnerability allows a malicious user to inject a persistent cross-site scripting attack on the Forums menu. We have not detected any instances of this vulnerability being exploited across our entire customer base. 

      How to fix the vulnerability 

      This vulnerability can be fixed by upgrading to Community Forums for Confluence 2.26.4 or above. Full instructions on how to upgrade an app can be found on Atlassian's support page.

      If you are unable to upgrade at this time we recommend you disable the Forums menu in the Community Forums for Confluence section of the Confluence Administrator menu. 

      For more information on how to do this please visit our documentation

      If you have urgent questions please contact our support team.

        Attachments

          Structure

            Activity

              People

              Assignee:
              tgough Tony Gough
              Reporter:
              dlindsay Dylan Lindsay
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Structure Helper Panel