21 matches found
CVE-2024-32467 Meteraphsere vulnerable to unauthorized viewing by workspace members
MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue...
User Management - Space View and Edit Control
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-45194. panel With our Confluence users linking to LDAP, it is difficult having to create and delete groups to control...
If user is restricted to only view the space they should not be able to create or import a calendar
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-48465. panel panel:title=23 July 2019 Update|bgColor=e7f4fa Hi everyone, thank you for your interest in this ticket. After...
Space permissions ignored in list of blog posts by date
h3. Summary Users have the ability to view a list of all blog posts, even from spaces in which they don't have permission to access. h3. Steps to Reproduce Install Confluence 5.7.x Create two spaces Space A Space B remove all permissions for confluence-users Create a blog post in Space A Create a...
Member of confluence-administrators group able to see restricted page in pagetree, quick search and navigation panel
Bug Background Confluence super-users or member of confluence-administrators group should be able to access any content in Confluence including restricted content as long as it have the direct URL to access as describe in our documentation...
Draft retrieval in the editor doesn't respect page or space permissions
Drafts are supposed to be per user and private but given a draft id, which should be easy to guess as they are sequential, you can access the contents of any draft, both for new and existing pages by using the following urls:...
Draft retrieval in the editor doesn't respect page or space permissions
Drafts are supposed to be per user and private but given a draft id, which should be easy to guess as they are sequential, you can access the contents of any draft, both for new and existing pages by using the following urls:...
Secure Mail Archive with Space Permissions
Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visible to all space users. REQUEST: Apply Restrict Space Permissions to Mail Archive Same behavior as for Pages, restricting ability to search or view mail archive based on permissions. S...
Secure Mail Archive with Space Permissions
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-31945. panel Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visibl...
Secure Mail Archive with Space Permissions
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-31945. panel Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visib...
Secure Mail Archive with Space Permissions
Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visible to all space users. REQUEST: Apply Restrict Space Permissions to Mail Archive Same behavior as for Pages, restricting ability to search or view mail archive based on permissions. S...
Secure Mail Archive with Space Permissions
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-31944. panel Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visibl...
Secure Mail Archive with Space Permissions
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-31944. panel Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visib...
Inherit Edit Restrictions for Child Pages
As it said in Documentation for Page Restrictions|https://confluence.atlassian.com/display/DOC/Page+Restrictions: quote'Edit' restrictions are not inherited from the parent page, only from the space. In a space, the 'Add Pages' permission governs both the creation and the editiing of pages. See...
Inherit Edit Restrictions for Child Pages
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-26446. panel As it said in Documentation for Page Restrictions|https://confluence.atlassian.com/display/DOC/Page+Restrictions:...
Inherit Edit Restrictions for Child Pages
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-26446. panel As it said in Documentation for Page Restrictions|https://confluence.atlassian.com/display/DOC/Page+Restrictions:...
admin/fixCaseInSpacePermissions.jsp lacks an XSRF token to 'fix the case of your space permissions'
admin/fixCaseInSpacePermissions.jsp does not require a csrf token to 'fix the case of your space permissions'. When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF infrastructure in JSPs...
Partial space admin permission/authority
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-15172. panel I followed these guidelines, but this is not fine grained enough...
Boolean operators on user and group management
Please consider this as a feature request for a future release of Confluence. Boolean operands on Space permissions would be awesome. E.g. setup a Space that people in the LDAP group STAFF and the LDAP group Biosciences were the only people that were able to view/edit/add/etc - otherwise I have t...
Boolean operators on user and group management
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-13634. panel Please consider this as a feature request for a future release of Confluence. Boolean operands on Space permissions...