Description Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page. Remediation References CVE-2016-4317 Related Vulnerabilities PHP Other Vulnerability (CVE-2015-8876) e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36121) CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20716) MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-45038) WordPress Plugin Category and Page Icons Multiple Vulnerabilities (0.9.1) Severity Medium Classification CVE-2016-4317 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities