Description
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.
Affected products
- Atlassian / Confluenceunspecified – 6.6.1