3 matches found
The vulnerability of the Rouge formatting tool, a program for grammatical analysis and format conversion of Markdown Kramdown, arises from the use of externally controlled input data for class selection. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Rouge formatting tools for grammatical analysis and Markdown format conversion allows attackers to gain access to confidential data, compromise its integrity, and cause service failures. This vulnerability is related to the lack of restrictions on the space used by the...
Member of confluence-administrators group able to see restricted page in pagetree, quick search and navigation panel
Bug Background Confluence super-users or member of confluence-administrators group should be able to access any content in Confluence including restricted content as long as it have the direct URL to access as describe in our documentation...
Users can move attachments to a space they have no permission for
Any user with permission to edit pages in a space can move attachments in that space to any page in Confluence. Eg: suppose we have a user named StandardUser who has permission to edit pages in GeneralSpace, but no permission to view or edit RestrictedSpace, which contains a page predictably name...