49 matches found
CVE-2023-50932
An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visitin...
CVE-2023-50931
An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...
CVE-2023-50931
An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...
CVE-2023-50932
The CVE-2023-50932 issue affects savignano S/Notify before 4.0.2 on Confluence. When an administrative user is logged in, the app’s configuration can be modified via CSRF, triggered by clicking a malicious link or visiting a malicious site. If exploited, an attacker could adjust the S/Notify conf...
CVE-2023-50931
savignano S/Notify for Bitbucket
CVE-2023-50930
An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...
savignano S/Notify Security Vulnerabilities
savignano S/Notify is savignano's most versatile email encryption solution for Jira, Confluence and Bitbucket. A security vulnerability exists in savignano S/Notify versions prior to 4.0.2 that originates from a configuration setting that can be modified via a cross-site request forgery CSRF...
CVE-2023-50930
Affected product: savignano S/Notify for Jira (prior to v4.0.2). Root cause: CSRF enables an administrative user to modify configuration settings when logged in, via a malicious link or malicious website. Impact: potential for unencrypted email notifications (confidentiality impact) and configura...
PT-2023-8642 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: S/Notify versions prior to 4.0.2 for Jira Description: An issue was discovered that allows the configuration settings of S/Notify to be modified via a CSRF attack while an administrative user is logged on. This could be initiated by the...