Lucene search
K

517 matches found

Atlassian
Atlassian
added 2013/06/20 8:12 a.m.15 views

Allow cookie-less instance for security reasons

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-29687. panel Allow administrators to completely remove 'remember me' and disallow remembering usernames and passwords via HTML5...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/05/10 2:55 p.m.23 views

Recommended updates email includes excerpts from Private/Restricted pages

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-29254. panel The recommended updates email will include pages that are restricted, so all users will see an excerpt of that page...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2013/03/18 8:33 a.m.21 views

Activity stream not respecting parent page restrictions

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-28543. panel The Confluence Activity stream will display all pages that the user has access to according to the restrictions...

1AI score
Exploits0
Atlassian
Atlassian
added 2013/01/08 12:16 p.m.26 views

Default application configuration files are available for download

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-27693. panel h3. Summary of The Bug By browsing to the following URL path user would be able to download any files under...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/01/08 12:16 p.m.18 views

Default application configuration files are available for download

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-27693. panel h3. Summary of The Bug By browsing to the following URL path user would be able to download any files under...

2.1AI score
Exploits0
Atlassian
Atlassian
added 2012/11/20 1:56 a.m.32 views

Webwork direct method invocation can bypass validatingStack through Action aliases

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-27294. panel WebWork supports the concept of action aliases, which allow a single action class to serve requests mapping to...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2012/10/15 12:39 a.m.32 views

Arbitrary resource file download in urlrewrite.xml

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-26888. panel There is an arbitrary resource file download vulnerability triggered by a third party library...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/10/15 12:39 a.m.28 views

Arbitrary resource file download in urlrewrite.xml

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-26888. panel There is an arbitrary resource file download vulnerability triggered by a third party library...

0.9AI score
Exploits0
Atlassian
Atlassian
added 2012/08/29 11:13 a.m.29 views

Inherit Edit Restrictions for Child Pages

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-26446. panel As it said in Documentation for Page Restrictions|https://confluence.atlassian.com/display/DOC/Page+Restrictions:...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/08/08 7:48 a.m.24 views

Persistent xss flaw in the revision history (of comments).

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47387. panel Whilst a comment is html encoded /sanitized when displayed within an answer to a question the revision history page...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/08/08 7:48 a.m.23 views

Persistent xss flaw in the revision history (of comments).

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47387. panel Whilst a comment is html encoded /sanitized when displayed within an answer to a question the revision history page...

1.3AI score
Exploits0
Atlassian
Atlassian
added 2012/07/27 7:41 a.m.16 views

The csrf token cookie should be a 'secure' cookie like the sessionid cookie

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46613. panel That is that csrf token cookie 'csrftoken' should have the 'secure' attribute like the session cookie. In django 1....

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 5:34 a.m.17 views

ValidationHash generation should use random.SystemRandom instead of random class

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47146. panel ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a rando...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 5:34 a.m.16 views

ValidationHash generation should use random.SystemRandom instead of random class

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47146. panel ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a rando...

0.1AI score
Exploits0
Atlassian
Atlassian
added 2012/01/08 11:39 p.m.25 views

Provide an abstract Seraph authenticator for SSO authenticators to subclass that reduces the plumbing code required to interact with Embedded Crowd

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-24358. panel This is currently the most comprehensive version I have so far compiled of the code a custom SSO authenticator for...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/10/19 5:42 p.m.28 views

Secure Section Macro

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-23637. panel This is a suggestion to create a new Macro/Plugin that worked similar to the Column Macro with the major difference...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/08/25 3:13 p.m.25 views

Better error message when viewing an embedded calendar as an unprivileged user

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-51101. panel On our site's dashboard I have a calendar macro defined as:...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/06/10 5:28 p.m.23 views

Make captcha harder, or allow configuration of captcha difficulty, in order to prevent sophisticated spam attacks

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-22700. panel Every day we get a load of automated anonymous comment spam on our confluence pages. It seems that the captcha is t...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/03/23 5:32 a.m.23 views

Searching within restricted pages/spaces

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-22074. panel This is the issue reference:...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/01/03 4:39 p.m.21 views

Admin menu items displayed to non-admins when accessing "Global Templates" page

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-21562. panel When accessing the "Global Templates" menu as a non-admin, the navigation controls for the administration panel are...

1.1AI score
Exploits0Affected Software1
Rows per page
Query Builder