Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2008/10/01 3:31 a.m.32 views

Make XWork ParametersInterceptor safe from parameter injection attacks

The XWork ParametersInterceptor is a security nightmare as it gives user input submitted form parameters unfettered access to getter/setter methods on action objects. In addition, the interceptor has been shown in the past to be vulnerable to Unicode attacks. Rather than fight a constant and ofte...

3.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/06/14 3:37 p.m.32 views

XSS using onerror

We had a user enter a viagra ad that actual redirected to their site. I think the offending code was here: although obviously they didn't use example.com I've attached the whole page for examination...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/04/10 10:12 p.m.32 views

Some users' logins are not remembered using Tomcat

When using Confluence, and Tomcat 5.5.26 or Tomcat 6 some users may find that their logins are not remembered. This is because of a bug in Tomcat's cookie handling. This is logged against the Atlassian Seraph library used by Confluence as SER-117. SER-117 has been fixed, so we "just" need to use ...

3.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/02/01 12:29 p.m.32 views

Project name that contains double-quote is not properly escaped on Issue Navigator page

If a project has a double-quote in its name, it's not xml-escaped when used in "title" attribute. For example, if we have a project named 14" monitors, the html will look like: 14" monitors This causes JIRA Client to hiccup on this page and lose a lot of functionality. On web browser, the title i...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/03 2:58 a.m.32 views

Velocity does not automatically escape HTML entities when substituting variables

Velocity should automatically escape encode HTML entities in variables it interpolates in markup. This would remove the need for explicitly escaping variables using $generalUtil.htmlEncode, and fix lots of XSS bugs including ones we haven't discovered yet. This affects all versions of Confluence...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/04/16 4:20 a.m.32 views

Form submission doesn't check source

Confluence accepts form submissions from any source. This means if you are logged in to confluence and another site submits data to the confluence instance, then its accepted without question because the user is already logged in - or automatically logged in. We need a way to validate the form...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2003/09/18 8:16 p.m.32 views

should be able to login only via https

you should be able to configure JIRA to login via HTTPS. this is almost possible in 2.4.1. You can specify an https URL in security-config.xml as the login.url parameter. this makes loing links from e.g. the issue view page work correctly. a slight problem here is that the session remiains in the...

Exploits0Affected Software1
Atlassian
Atlassian
added 2026/05/11 11:29 p.m.31 views

Covert timing channel at org.bouncycastle:bcprov-jdk18on dependency in Bamboo Data Center

This High severity Information Disclosure vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Information Disclosure vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of code...

9.9CVSS5.8AI score0.00691EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.31 views

DoS (Denial of Service) in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.1.1 and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...

8.7CVSS5.7AI score0.00552EPSS
Exploits0
Atlassian
Atlassian
added 2024/12/12 7:14 a.m.31 views

Path Traversal org.springframework:spring-webmvc Dependency in Bitbucket Data Center and Server

This High severity org.springframework:spring-webmvc vulnerability exists in 8.9.0 - 8.9.23 and 8.19.0 to 8.19.12 of Bitbucket Data Center and Server. This org.springframework:spring-webmvc Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS7.5AI score0.54862EPSS
Exploits6
Atlassian
Atlassian
added 2024/10/23 5:5 a.m.31 views

Users who don't have Jira administrators global permission can create issue collectors

h3. Issue Summary The following description exists in our document "Using the issue collector|https://confluence.atlassian.com/adminjiraserver0912/using-the-issue-collector-1346047512.html" code For all of the following procedures, you must be logged in as a user with the Jira administrators glob...

6.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2024/08/15 8:11 p.m.31 views

DoS (Denial of Service) org.bouncycastle:bcprov-jdk18on Dependency in Crowd Data Center and Server

This High severity org.bouncycastle:bcprov-jdk18on Dependency vulnerability was introduced in versions 5.1.0, 5.2.0, and 5.3.0 of Crowd Data Center and Server. This org.bouncycastle:bcprov-jdk18on Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS7.5AI score0.011EPSS
Exploits0
Atlassian
Atlassian
added 2024/08/09 5:52 a.m.31 views

RCE (Remote Code Execution) in Bamboo Data Center and Server

This High severity RCE Remote Code Execution vulnerability CVE-2024-21689 was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute...

8CVSS7.6AI score0.02725EPSS
Exploits1
Atlassian
Atlassian
added 2024/07/10 8:58 a.m.31 views

Stored XSS in Confluence Data Center and Server

This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This Stored XSS vulnerability, with a CVSS Score of 7.3, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to...

8.7CVSS6AI score0.0089EPSS
Exploits0
Atlassian
Atlassian
added 2024/02/14 10:46 a.m.31 views

DoS (Denial of Service) org.xerial.snappy:snappy-java Dependency in Jira Software Data Center and Server

This High severity org.xerial.snappy:snappy-java Dependency vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, and 9.12.0 of Jira Software Data Center and Server. This org.xerial.snappy:snappy-java...

7.5CVSS9.8AI score0.01469EPSS
Exploits0
Atlassian
Atlassian
added 2023/09/28 7:24 p.m.31 views

RCE (Remote Code Execution) in Sourcetree for Mac and Sourcetree for Windows

This High severity RCE Remote Code Execution vulnerability was introduced in version 3.4.14 of Sourcetree for Mac and Sourcetree for Windows. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7.8, and a CVSS Vector of: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H which allows an...

8AI score
Exploits0
Atlassian
Atlassian
added 2023/03/07 6:17 p.m.31 views

Session invalidation should be propagated to other nodes in the cluster

In Jira there are some events like password change, user delete which invalidates user sessions. Currently those events only invalidate sessions on the node where the event was triggered. Those events should be propagated to other nodes...

2.1AI score
Exploits0
Atlassian
Atlassian
added 2023/03/01 6:16 a.m.31 views

While performing the custom PDF export for Page/s, breaks page titles with umlaut letters.

h3. Issue Summary While performing the custom PDF export for Page/s, breaks page titles with umlaut letters. Issue is reproducible on Latest LTS 7.19.4 and Latest release 8.1.0 This is reproducible on Data Center: yes h3. Steps to Reproduce Setup the Confluence DC setup. sandbox as separate proce...

1.2AI score
Exploits0
Atlassian
Atlassian
added 2022/07/19 2:30 p.m.31 views

The Mail Handler creates tickets from incoming emails in the wrong projects

The mail handler in Jira Service Management JSM Server and Data Center 4.22.5 incorrectly maps new incoming emails to the wrong JSM project, instead of the project linked to the mailbox the mails were sent to. If JSM is configured to process emails and create tickets in a restricted-access projec...

2AI score
Exploits0
Atlassian
Atlassian
added 2021/07/15 9:11 a.m.31 views

Preventing path disclosure in file upload functionality and Page export for security purposes

h3. Issue Summary While performing the file upload vulnerability test in confluence application, we are able to identify the sensitive path disclosure in following cases. • When we attached some malicious file and tried to downloading all attachments. • When we uploaded malicious file and tried t...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/07/02 12:53 a.m.31 views

Information disclosure issue in the comment notification feature - CVE-2021-39120

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to learn when a restricted comment is removed from an issue via an information disclosure vulnerability in the comment notification functionality. The affected versions are before version 8.18.0. Affected versions:...

5.3AI score
Exploits0
Atlassian
Atlassian
added 2021/03/15 12:53 a.m.31 views

The name of a filter can be used to XSS users who open an "Export HTML Report" - CVE-2021-26083

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Export HTML Report feature. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before...

5.4CVSS5AI score0.00599EPSS
Exploits0
Atlassian
Atlassian
added 2020/09/23 5:14 p.m.31 views

Embedded Crowd passes sensitive paramaters in the URL when adding a new or editing an existing user directory.

h3. Issue Summary While adding a new directory or editing an existing one the embedded crowd passes directoryId, xsrfTokenName and xsrfTokenValue parameters to the URL. h3. Environment Bitbucket 6.9.X, 7.4.X, 7.5.X, 7.6.X h3. Steps to Reproduce In Bitbucket navigate to Gear Icon User Directories;...

2AI score
Exploits0
Atlassian
Atlassian
added 2020/06/16 3:4 a.m.31 views

Improper authorization in Project Administration - Others - CVE-2020-14165

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to obtain information about custom project avatars via an improper authorization vulnerability in the UniversalAvatarResource.getAvatars resource. Affected versions: version 8.9.0 Fixed versions: 8.9.0...

5.3CVSS7.4AI score0.01005EPSS
Exploits0
Atlassian
Atlassian
added 2020/05/28 5:13 a.m.31 views

XSS in Issue - Attachments - CVE-2020-4022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Issue attachments. Affected versions: version 8.5.5 8.6.0 ≤ version 8.8.2 8.9.0 ≤ version 8.9.1 Fixed versions: 8.5.5 8.8.2 8.9....

6.1CVSS5.4AI score0.01135EPSS
Exploits0
Atlassian
Atlassian
added 2020/04/02 1:51 a.m.31 views

XSS via project configuration - CVE-2019-20416

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the project configuration feature. Affected versions: version 8.3.0 Fixed versions: 8.3.0...

4.8CVSS5AI score0.0059EPSS
Exploits0
Atlassian
Atlassian
added 2019/12/17 3:19 a.m.31 views

Jira on Windows was vulnerable to DLL hijacking - CVE-2019-20400

The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability. h3. Acknowledgment We would like to thank Peleg Hadar of SafeBreach Labs for...

7.8CVSS7.1AI score0.00367EPSS
Exploits0
Atlassian
Atlassian
added 2019/12/10 1:43 a.m.31 views

XSS in the the review resource through the name of a missing branch - CVE-2019-15007

The review resource in Atlassian Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the name of a missing branch...

4.8CVSS4.4AI score0.00596EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/09/26 4:13 p.m.31 views

Improper Authorization in Fisheye & Crucible through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Fisheye & Crucible before version 4.7.2, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. Th...

4.3CVSS3.5AI score0.01334EPSS
Exploits0
Atlassian
Atlassian
added 2019/09/12 8:1 p.m.31 views

Improper Authorization in Bitbucket Server through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Bitbucket Server & Bitbucket Data Center before version 6.6.0, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing...

4.3CVSS3.6AI score0.01334EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/07/08 11:17 p.m.31 views

XSS in various types of nested wiki markup - CVE-2017-18102

The bundled version of atlassian-renderer in Crucible before version 4.7.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in nested wiki markup. For more information see https://jira.atlassian.com/browse/RNDR-153 currently restricted to...

5.4CVSS3.5AI score0.00921EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/06/20 8:27 a.m.31 views

When the 'Any logged in user' permission is added to 'Browse Project' permission in a Service Desk project, customer will automatically receive notifications when mentioned in an internal comment.

h3. Issue Summary When the 'Any logged in user' permission is added to 'Browse Project' permission in a Service Desk project, customer will automatically receive notifications when mentioned in an internal comment. h3. Steps to Reproduce Test Case1: Create a Service Desk project. Head to project...

6.7AI score
Exploits0
Atlassian
Atlassian
added 2019/04/29 3:8 a.m.31 views

XSS in the activity stream gadget via the country parameter - CVE-2018-20827

The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the country parameter...

5.4CVSS4.9AI score0.00756EPSS
Exploits1
Atlassian
Atlassian
added 2019/02/14 9:15 p.m.31 views

Stored XSS in administrative linker functionality through the href parameter - CVE-2018-20240

The administrative linker functionality in Atlassian Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the href parameter...

4.8CVSS4.4AI score0.00889EPSS
Exploits0
Atlassian
Atlassian
added 2018/12/20 1:10 a.m.31 views

On error at /rest/ stack-trace is publicly visible

h3. Summary On Confluence server 6.12.2 requesting wrong REST URL /rest/cql/contenttypes?category=test we will see full stack-trace. The same we can see at https://confluence.atlassian.com/rest/cql/contenttypes?category=test On production, a regular user should not see the stack-trace when an err...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2018/10/22 11:33 p.m.31 views

Several administrative resources missing WebSudo (improper access control vulnerability) - CVE-2018-13400

Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version...

6.5CVSS4.1AI score0.01436EPSS
Exploits0
Atlassian
Atlassian
added 2018/04/23 3:35 a.m.31 views

XSS through header injection in the /browse/~raw resource - CVE-2018-5228

The /browse/raw resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the handling of response headers...

6.1CVSS4.4AI score0.01212EPSS
Exploits0
Atlassian
Atlassian
added 2018/04/05 4:7 a.m.31 views

XSS in the searchrequest-xml resource through various fields - CVE-2017-18098

The searchrequest-xml resource in Atlassian Jira before version 7.6.1 and before version 7.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through various fields...

6.1CVSS5.7AI score0.00899EPSS
Exploits0
Atlassian
Atlassian
added 2018/03/23 6:40 a.m.31 views

The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229

The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...

5.4CVSS1.5AI score0.00591EPSS
Exploits0
Atlassian
Atlassian
added 2018/02/02 12:11 a.m.31 views

XSS in the usermacros resource through the description of a macro - CVE-2017-18084

The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the description of a macro. Acknowledgements Atlassian would like to credit Veit Hailperin @fenceposterro...

4.8CVSS3.3AI score0.00612EPSS
Exploits0
Atlassian
Atlassian
added 2017/11/15 10:54 p.m.31 views

Argument injection in Mercurial repository handling - CVE-2017-14590

Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. An attacker who has permission to do one or more of the following: create a repository in Bamboo edit an existing plan in Bamboo that has a non-linked Mercurial repository create or edit a plan...

9.6CVSS3.6AI score0.02405EPSS
Exploits1
Atlassian
Atlassian
added 2016/01/12 3:59 a.m.31 views

CVE-2015-8361: Services exposed without authentication Vulnerability

Bamboo exposed services without first performing authentication checks. Attackers can use this vulnerability to extract confidential information from Bamboo, modify certain settings and manage build agents. To exploit this issue, attackers need to be able to access the Bamboo JMS port. Affected...

9.1CVSS8.9AI score0.02844EPSS
Exploits0
Atlassian
Atlassian
added 2015/07/02 3:27 a.m.31 views

xss by swf file

In confluence comment module user can embed swf file in their comment, confluence are using a atltoken parameter on GET HTTP request, if the attacker send the link of .swf file the value of src on embed tag to his victim the malicious .SWF won't execute on the victim's browser . We can bypass thi...

0.1AI score
Exploits0
Atlassian
Atlassian
added 2014/06/26 7:39 p.m.31 views

Update Tomcat Native DLL in JIRA Installer

quote 7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships with the Windows Installer versions of JIRA. So please update your JIRA Windows Installers to include a patched version of Tomcat Native DLL's, once these become availabl...

2.3AI score0.99999EPSS
Exploits88Affected Software1
Atlassian
Atlassian
added 2014/05/01 11:6 a.m.31 views

Restrictions do not apply in calendar macro

Team Calendar restrictions do not apply if the calendar is in a Calendar Macro withing a Confluence page. +Repro steps:+ Create a calendar. Restrict it to one group. Create a Confluence page with a calendar macro containing the restricted Calendar. View the page with a user with no permissions to...

2.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/03/11 5:51 a.m.31 views

Automatic access added to newly added bitbucket account without notificiation

Steps to replicate: Add a new bitbucket account to your JIRA OnDemand instance via the DVCS connector. Click on the cog to the right of your new account and view 'configure automatic access' Result: Automatic access will be set up and membership to the 'developers' group will be granted Expected...

2.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/01/29 3:42 p.m.31 views

JIRA sends in-app notifications to Confluence for restricted comments

If you have a primary application link between JIRA in Confluence, users get a notification in their Confluence workbox everytime someone comments in a ticket the user is watching. Users receive the notification with the text of the comment even when the comment is restricted to other groups,...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/01/06 4:10 p.m.31 views

Administrator can change avatar without establishing a Secure Administrator Session (WebSudo)

Administrator can click on avatar of another user and change the avatar. This doesn't require the administrator user to establish a websudo session...

6.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/16 1:47 p.m.31 views

OAuth Administration screen is visible to anonymous users

If anonymous user access is enabled under "Global Permission", user can access to "OAuth Administration" page without the need to log-in. Here is the URL to the page: /plugins/servlet/oauth/view-consumer-info This page display Confluence administrators menu on the sidebar and other information su...

2.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/16 11:11 a.m.31 views

execution of javascript from filename

Steps to replicate: Add an attachment Rename the file to ".txt" Copy its remove link and open the link in a new browser window Result: The JavaScript code is executed, rather than showing the "proceed w/ deletion" screen. Everything works normally if you just click the delete button rather than...

1.1AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295