Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

cross-site scripting vulnerability

Mark Amos
Mark Amos January 4, 2016

I recently read about two vulnerabilities in Confluence: CVE-2015-8398 and CVE-2015-8399 that were apparently fixed in version 5.8.17. 

 

Were these vulnerabilities in the SaaS version of the product, or only the on-site/company hosted version of the product?

 

Answer
Watch
Like Joe Clark likes this
445 views

2 answers

1 accepted

2 votes
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 4, 2016

They were on some releases of Cloud, but Cloud is updated regularly and frequently, and it was upgraded well before these vulnerabilities were announced.

Reply
0 votes
Mark Amos
Mark Amos January 4, 2016

Thanks for the quick reply, Nic!

Do the cloud version and the in-house version share the same version/release numbering scheme?

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 4, 2016

It's not identical, because the Cloud versions need some tweaks that take them away from the main branch. But those tweaks are purely to do with running it as a Cloud service. You'll see different build numbers (and Cloud versions will have the old "OD" in there to indicate that they're Cloud), but if someone says "Confluence 5.8.17", then it doesn't matter if it's Cloud or Server, it'll be the same (ok, until someone adds add-ons...)

Like
Mark Amos
Mark Amos January 4, 2016

Ahh. Thanks for clearing that up!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events