Description
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.
Remediation
References
Related Vulnerabilities
WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.69)
WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Request Forgery (5.2.5)
WordPress Plugin Facebook Page Feed Timeline Cross-Site Scripting (1.0)
Perl Use of Externally-Controlled Format String Vulnerability (CVE-2012-1151)
WordPress Plugin Nofollow for external link Multiple Unspecified Vulnerabilities (1.1.2)