Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2017/03/13 4:15 a.m.32 views

Restricted Work Log entries show in the Activity Stream for JIRA Cloud

h3. Summary When using a group comment visibility on worklogs the restriction is not applied in the Activity Stream. h3. Steps to Reproduce Set up a test user JIRA Users. Enable comment visibility to support groups as per Configuring JIRA...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2017/01/13 4:59 a.m.32 views

The Confluence Login page should not gives details of build version to unauthenticated users

The login page discloses detailed version information of the application to unauthenticated users. !screenshot-1.png|thumbnail! This information facilitates finding vulnerabilities for possible attackers suggestion: Remove the build number completely in the login page...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/07/07 4:22 a.m.32 views

CVE-2016-5229 - Deserialisation resulting in remote code execution caused by insufficient restriction on permitted deserialised classes

Bamboo had a resource that deserialised input from build agents and did not sufficiently restrict which classes could be deserialised. To exploit this issue, attackers need to have a valid Bamboo agent fingerprint or be able to run code on a Bamboo agent. Affected versions: All versions of Bamboo...

9.8CVSS3.9AI score0.0709EPSS
Exploits0
Atlassian
Atlassian
added 2015/12/04 6:12 a.m.32 views

Upgrade to version 3.2.2 of apache commons-collections

quote This v3.2.2 release is a bugfix release, fixing several bugs present in the previous releases of the 3.2 branch. Additionally, this release provides a mitigation for a known remote code exploitation via the standard java object serialization mechanism. By default, serialization support for...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/12/01 10:36 a.m.32 views

Log forging vulnerability

It is possible to fake log entries in FishEye/Crucible logs, by sending specially crafted http requests containing a newline character. For example going to the url /changelog/asd%0AFake%20log%20entry will cause the following to be logged: code 2015-03-24 09:59:09,564 INFO qtp1610928748-315 fishe...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/10/12 4:26 a.m.32 views

CVE-2015-6576: Deserialisation Resulting in Remote Code Execution Vulnerability

Bamboo had a resource that deserialised arbitrary user input without restriction. Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of Bamboo. To exploit this issue, attackers need to be able to access the Bamboo web interface...

8.8CVSS8.7AI score0.03618EPSS
Exploits0
Atlassian
Atlassian
added 2015/03/24 9:0 a.m.32 views

Log forging vulnerability

It is possible to fake log entries in FishEye/Crucible logs, by sending specially crafted http requests containing a newline character. For example going to the url /changelog/asd%0AFake%20log%20entry will cause the following to be logged: code 2015-03-24 09:59:09,564 INFO qtp1610928748-315 fishe...

1.1AI score
Exploits0
Atlassian
Atlassian
added 2015/01/28 10:18 a.m.32 views

Disabling user in delegated Active Directory doesn't disable them in Confluence until they log in

h3.Steps to Reproduce Create a delegated directory, hooked to Active Directory Login with an AD user, with the "Remember Me" option checked Close the browser completely Disable the user in AD by checking the "Account is disabled" option in User Properties Account Account Options Launch the browse...

1.5AI score
Exploits0
Atlassian
Atlassian
added 2014/07/17 11:20 p.m.32 views

Specify logging level to Prevent Root DEBUG from Exposing Login

h3. Summary Setting root level DEBUG can expose login information username/pw when JIRA is connected to Crowd for user management, as it outputs the REST POST contents that are transmitted through the HttpClient. h3. Environment Crowd integrated with JIRA for user management. h3. Steps to Reprodu...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/27 1:2 a.m.32 views

Remote DoS Exploit on Confluence

Nir Goldshlager have discovered a vulnerability on atlassian-gadgets when parsing XMLs. Basically anyone can craft a URL containing a parameter with some XML that will make the instance run out of memory when trying to parse it. Details on the attack can be found on...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/09 12:56 p.m.32 views

statTypes REST API exposes all statistics field names anonymously

On an instance with no anonymous access enabled, /rest/gadget/1.0/statTypes returns a list of all stattable custom fields names and IDs in the instance in response to anonymous requests. This is a nasty exposure of data - admins have no way of knowing that private data shouldn't be put into custo...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/04/22 11:42 p.m.32 views

Open redirect on Bamboo login page, only when configured for HTTPS connections

If Bamboo is configured for HTTPS connections, then the following happens. It does not occur when Bamboo is configured as HTTP:// Description Bamboo has an open redirect on the login page which allows redirection to external sites. The osdestination parameter on the userlogin page and other pages...

6.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/02/06 8:13 p.m.32 views

Confluence Administrator Can Add Himself to System Administrator Group

I have found what I believe to be a security bug in Confluence that should be fixed. We have System Administrator function from the Confluence Administrator Group, and created a new Group called System Administrators see attachment. The purpose was to give our Tech Writers the ability to access t...

2.4AI score
Exploits0
Atlassian
Atlassian
added 2013/10/01 10:59 a.m.32 views

Inaccessible page titles leaked by Share Page API

The Share Page API exposes a REST endpoint that is available to authenticated users of Confluence. It is possible for any user to share any page simply by specifying the corresponding numeric id and the resulting notification includes the title of the shared page. In particular, a user may obtain...

6.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/08/30 6:26 p.m.32 views

/rest/menu/1.0/appswitcher displays data unauthenticated

"Calling" this function returns data without any authentication required: noformat curl https://support.atlassian.com/rest/menu/latest/appswitcher | python -mjson.tool % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 787 0 787 0 0 531 0...

7.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/01/02 4:17 a.m.32 views

Reflected xss in the jira-gadgets-plugin getLabelGroups rest resource

The jira-gadgets-plugin LabelsResource class exposes a getLabelGroups rest resource that is vulnerable to reflected xss through the user supplied 'project' path parameter. The vulnerability is caused by building an error response message with a content type of text/html and not html encoding the...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/11/20 1:56 a.m.32 views

Webwork direct method invocation can bypass validatingStack through Action aliases

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-27294. panel WebWork supports the concept of action aliases, which allow a single action class to serve requests mapping to...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2012/10/15 12:39 a.m.32 views

Arbitrary resource file download in urlrewrite.xml

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-26888. panel There is an arbitrary resource file download vulnerability triggered by a third party library...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/08/18 1:40 a.m.32 views

JIRA FishEye plugin not working - Error handling trusted applications authentication attempt: BAD_SIGNATURE

This bug effects you if: you are running JIRA 4.4+ and FishEye 2.6.0-2.6.3 you have Trusted Applications authenticating the link between your JIRA and FishEye servers If you attempt to configure or use the JIRA FishEye plugin, you may see errors in the UI and log messages like this in JIRA:...

Exploits0Affected Software1
Atlassian
Atlassian
added 2011/05/23 1:48 a.m.32 views

Members of confluence-administrators receive notifications for comments and attachments on restricted pages

Members of the special confluence-administrators group have access to all content on the site, however they should not see restricted content in search results or get notifications about changes on restricted pages. There is a bug in the permission check for notifications about "contained" object...

3.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/08/04 10:49 a.m.32 views

Display Last-Login-Date for the User

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-21933. panel Dear Atlassian! I don't know whether a ticket like this already exits or was solved, but I couln't find any. We would like to ha...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/16 5:9 a.m.32 views

500page.jsp contains HTTP Header XSS vulnerability

The 500page.jsp contains an XSS vulnerability via the 'Referrer' HTTP header...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/12/07 3:45 a.m.32 views

KB "Running JIRA over SSL or HTTPS" needs review for Windows Standalone scenario

There are three recommended updates to the KB Running JIRA over SSL or HTTPS|http://confluence.atlassian.com/display/JIRA/Running+JIRA+over+SSL+or+HTTPS based on customer feedback. 1. quote When asked to "What is your first and last name" make sure you enter in the DNS name that you will use to...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/09/02 3:54 p.m.32 views

"User Custom Field Value" permission type incorrectly exposes JIRA project names to everyone

Problem: Project names are shown to users with no permission to see the project. Impact: Security hole! Recipe: it helps to have two browsers open one logged in as admin the other as the user I will create called dummy Add user dummy Add project blah Add custom field myuser of type user picker,...

6.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/11/28 5:50 a.m.32 views

Confluence displays ALL attachments when the following URL is viewed

i removed the space key from the URL for the normal space attachment viewing, and it displays all the attachments for all spaces in the install of Confluence, Irrispecitve of space and page level permission restrictions. For Example:...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/10/01 3:31 a.m.32 views

Make XWork ParametersInterceptor safe from parameter injection attacks

The XWork ParametersInterceptor is a security nightmare as it gives user input submitted form parameters unfettered access to getter/setter methods on action objects. In addition, the interceptor has been shown in the past to be vulnerable to Unicode attacks. Rather than fight a constant and ofte...

3.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/04/10 10:12 p.m.32 views

Some users' logins are not remembered using Tomcat

When using Confluence, and Tomcat 5.5.26 or Tomcat 6 some users may find that their logins are not remembered. This is because of a bug in Tomcat's cookie handling. This is logged against the Atlassian Seraph library used by Confluence as SER-117. SER-117 has been fixed, so we "just" need to use ...

3.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/09 3:24 p.m.32 views

user value of JiraAuthenticationContext not set is SOAP service getIssue()

Call to JiraAuthenticationContext.setUser missing during getIssue SOAP service call. Service call will fail silently if there are custom fields with explicit secutity checking for attributes derived from current user. In my case I try to verify existance of an issue using getIssue SOAP service...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/03 2:58 a.m.32 views

Velocity does not automatically escape HTML entities when substituting variables

Velocity should automatically escape encode HTML entities in variables it interpolates in markup. This would remove the need for explicitly escaping variables using $generalUtil.htmlEncode, and fix lots of XSS bugs including ones we haven't discovered yet. This affects all versions of Confluence...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/04/16 4:20 a.m.32 views

Form submission doesn't check source

Confluence accepts form submissions from any source. This means if you are logged in to confluence and another site submits data to the confluence instance, then its accepted without question because the user is already logged in - or automatically logged in. We need a way to validate the form...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/01/10 3:32 a.m.32 views

XSS bug: usernames not HTML-encoded in all places

When signing up for an account, it is possible to enter a username like "fred". Confluence will accept this, and on certain pages, render it as raw HTML to the user, opening the possibility of cross-site scripting XSS attacks. Two places I've spotted the raw HTML so far: - Most prominently, when ...

5.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2026/05/11 11:29 p.m.31 views

Covert timing channel at org.bouncycastle:bcprov-jdk18on dependency in Bamboo Data Center

This High severity Information Disclosure vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Information Disclosure vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of code...

9.9CVSS5.8AI score0.00691EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.31 views

DoS (Denial of Service) in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.1.1 and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...

8.7CVSS5.7AI score0.00552EPSS
Exploits0
Atlassian
Atlassian
added 2025/05/07 5:9 a.m.31 views

DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Confluence Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to...

7.5CVSS6.9AI score0.66933EPSS
Exploits5
Atlassian
Atlassian
added 2025/03/12 3:10 a.m.31 views

Path Traversal (Arbitrary Read/Write) org.springframework:spring-webmvc Dependency in Jira Service Management Data Center and Server

This High severity org.springframework:spring-webmvc Dependency vulnerability was introduced in versions 5.12.0 Jira Service Management Data Center and Server. This org.springframework:spring-webmvc Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS6.5AI score0.54862EPSS
Exploits6
Atlassian
Atlassian
added 2024/10/25 4:20 p.m.31 views

DoS (Denial of Service) tomcat Dependency in Crowd Data Center

This High severity Third-Party Dependency vulnerability was introduced in versions 5.1.11, 5.2.6, 5.3.2, and 6.0.0 of Crowd Data Center. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5, allows an unauthenticated attacker to expose assets in your environment susceptible to...

7.5CVSS7.1AI score0.04602EPSS
Exploits0
Atlassian
Atlassian
added 2024/08/28 4:11 p.m.31 views

DoS (Denial of Service) org.apache.commons:commons-configuration2 Dependency in Confluence Data Center and Server

This High severity org.apache.commons:commons-configuration2 Dependency vulnerability was introduced in versions 6.0 of Confluence Data Center and Server. This org.apache.commons:commons-configuration2 Dependency vulnerability, with a CVSS Score of 7.3 and a CVSS Vector of...

7.3CVSS7.7AI score0.02054EPSS
Exploits0
Atlassian
Atlassian
added 2024/02/14 10:46 a.m.31 views

DoS (Denial of Service) org.xerial.snappy:snappy-java Dependency in Jira Software Data Center and Server

This High severity org.xerial.snappy:snappy-java Dependency vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, and 9.12.0 of Jira Software Data Center and Server. This org.xerial.snappy:snappy-java...

7.5CVSS9.8AI score0.01469EPSS
Exploits0
Atlassian
Atlassian
added 2023/03/07 6:17 p.m.31 views

Session invalidation should be propagated to other nodes in the cluster

In Jira there are some events like password change, user delete which invalidates user sessions. Currently those events only invalidate sessions on the node where the event was triggered. Those events should be propagated to other nodes...

2.1AI score
Exploits0
Atlassian
Atlassian
added 2023/03/01 6:16 a.m.31 views

While performing the custom PDF export for Page/s, breaks page titles with umlaut letters.

h3. Issue Summary While performing the custom PDF export for Page/s, breaks page titles with umlaut letters. Issue is reproducible on Latest LTS 7.19.4 and Latest release 8.1.0 This is reproducible on Data Center: yes h3. Steps to Reproduce Setup the Confluence DC setup. sandbox as separate proce...

1.2AI score
Exploits0
Atlassian
Atlassian
added 2022/07/19 2:30 p.m.31 views

The Mail Handler creates tickets from incoming emails in the wrong projects

The mail handler in Jira Service Management JSM Server and Data Center 4.22.5 incorrectly maps new incoming emails to the wrong JSM project, instead of the project linked to the mailbox the mails were sent to. If JSM is configured to process emails and create tickets in a restricted-access projec...

2AI score
Exploits0
Atlassian
Atlassian
added 2021/07/15 9:11 a.m.31 views

Preventing path disclosure in file upload functionality and Page export for security purposes

h3. Issue Summary While performing the file upload vulnerability test in confluence application, we are able to identify the sensitive path disclosure in following cases. • When we attached some malicious file and tried to downloading all attachments. • When we uploaded malicious file and tried t...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/03/15 12:53 a.m.31 views

The name of a filter can be used to XSS users who open an "Export HTML Report" - CVE-2021-26083

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Export HTML Report feature. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before...

5.4CVSS5AI score0.00599EPSS
Exploits0
Atlassian
Atlassian
added 2020/09/23 5:14 p.m.31 views

Embedded Crowd passes sensitive paramaters in the URL when adding a new or editing an existing user directory.

h3. Issue Summary While adding a new directory or editing an existing one the embedded crowd passes directoryId, xsrfTokenName and xsrfTokenValue parameters to the URL. h3. Environment Bitbucket 6.9.X, 7.4.X, 7.5.X, 7.6.X h3. Steps to Reproduce In Bitbucket navigate to Gear Icon User Directories;...

2AI score
Exploits0
Atlassian
Atlassian
added 2020/06/16 3:4 a.m.31 views

Improper authorization in Project Administration - Others - CVE-2020-14165

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to obtain information about custom project avatars via an improper authorization vulnerability in the UniversalAvatarResource.getAvatars resource. Affected versions: version 8.9.0 Fixed versions: 8.9.0...

5.3CVSS7.4AI score0.01005EPSS
Exploits0
Atlassian
Atlassian
added 2020/05/28 5:13 a.m.31 views

XSS in Issue - Attachments - CVE-2020-4022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Issue attachments. Affected versions: version 8.5.5 8.6.0 ≤ version 8.8.2 8.9.0 ≤ version 8.9.1 Fixed versions: 8.5.5 8.8.2 8.9....

6.1CVSS5.4AI score0.01135EPSS
Exploits0
Atlassian
Atlassian
added 2020/04/02 1:51 a.m.31 views

XSS via project configuration - CVE-2019-20416

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the project configuration feature. Affected versions: version 8.3.0 Fixed versions: 8.3.0...

4.8CVSS5AI score0.0059EPSS
Exploits0
Atlassian
Atlassian
added 2019/12/17 3:19 a.m.31 views

Jira on Windows was vulnerable to DLL hijacking - CVE-2019-20400

The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability. h3. Acknowledgment We would like to thank Peleg Hadar of SafeBreach Labs for...

7.8CVSS7.1AI score0.00367EPSS
Exploits0
Atlassian
Atlassian
added 2019/12/10 1:43 a.m.31 views

XSS in the the review resource through the name of a missing branch - CVE-2019-15007

The review resource in Atlassian Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the name of a missing branch...

4.8CVSS4.4AI score0.00596EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/09/26 4:13 p.m.31 views

Improper Authorization in Fisheye & Crucible through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Fisheye & Crucible before version 4.7.2, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. Th...

4.3CVSS3.5AI score0.01334EPSS
Exploits0
Total number of security vulnerabilities4295