DOM-XSS vulnerability in Scroll PDF Exporter and Scroll Word Exporter 2019-09-16

Description

Summary

This advisory discloses a security issue of medium severity affecting Scroll PDF Exporter for Confluence Cloud and Scroll Word Exporter for Confluence Cloud and provides a step-by-step guide to help you rectify the issue.

Affected Products

Scroll PDF Exporter for Confluence Cloud and Scroll Word Exporter for Confluence Cloud were affected before September 16, 2019.

Severity

K15t rates the severity level of this issue as medium, because it can be abused to forge other K15t websites.

This is our baseline assessment – it's best if you evaluate its applicability to your own IT environment.

Detailed description

A bug in the way our integration with Confluence Cloud works allowed an attacker to inject arbitrary scripts into web pages served by the app host (DOM-XSS).

To exploit this an attacker would need to send a manipulated link pointing to our app server to a victim. When following this link, the victim would see a forged website that might encourage the victim to enter any credentials.

This vulnerability could not be directly used to access customer-owned data within the Confluence instance.
According to our access logs this vulnerability has not been exploited so far.

We've rated this bug with a CVSS score of 4.7 (Medium).

Steps we've taken to fix this issue

  • We updated our Cloud apps so they are no longer vulnerable to this attack.

What you need to do to solve this issue on your instance

No actions are required from customers as updates occur automatically for Cloud apps.

Environment

None

Status

Assignee

Unassigned

Reporter

Sync User [K15t]

Labels

None

Participants

None

Deployment

Cloud

Components

Fix versions

Due date

2019/09/16

Priority

Major
Configure