Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2012/04/19 1:27 a.m.27 views

admin/dev/usermacros.jsp lacks an XSRF token to add and remove user macros from Confluence.

admin/dev/usermacros.jsp does not require a csrf token to add and remove user macros from Confluence. This could allow an attacker to introduce a malicious user macro with 'bad' html and or javascript into a confluence instance through a csrf attack on an admin user...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/03/30 4:54 a.m.27 views

XML Vulnerability in Confluence

We have identified and fixed a vulnerability in Confluence that results from the way third-party XML parsers are used in Confluence. This vulnerability allows an attacker to: Execute denial of service attacks against the Confluence server, or Read all local files readable to the system user under...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/10/26 2:13 a.m.27 views

XSS vulnerability in /agent/configureAgents resource

We have identified and fixed a reflected cross-site scripting XSS vulnerability in the Bamboo configureAgents resource. This issue is reported in our security advisory on this page: https://confluence.atlassian.com/x/rQP5FQ You can read more about XSS attacks at:...

0.2AI score
Exploits0
Atlassian
Atlassian
added 2011/09/07 10:10 p.m.27 views

View PDF Macro in Office Connector makes http fetch from Adobe from https session

The View PDF macro within the Office Connector plugin provides the following http URL even for https sessions when a user's browser fails the Flash installed test. http://www.adobe.com/images/shared/downloadbuttons/getflashplayer.gif It's bad form to mix http urls in with secured https sessions a...

6.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/07/01 10:40 a.m.27 views

Web Sudo should be able to be subverted for non browsers (eg scripts) via a HTTP header

We do this for XSRF protection. Basically you should be able to subvert the web sudo mechanism via a HTTP header. This posts shows the use case https://answers.atlassian.com/questions/1273/jira-jelly-runner-via-cron-in-v4-3-4 I believe it just as secure since web sudo is really design to stop som...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/04/28 4:55 a.m.27 views

XSS vulnerability in login.action

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence login action. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at various places on the web, including these:...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/04/26 9:8 a.m.27 views

"Forgot Password" feature should not reveal that a given username exists within Confluence for security reason

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-22388. panel It is possible to see which user exists on Confluence or not from within "Forgot Password" link. This is bad for...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/02/15 12:5 p.m.27 views

Ability to perform a bulk random password reset for users per project

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-23703. panel Would like to have the ability to perform a bulk password reset on user accounts for any particular JIRA project. Have recently...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/01/10 2:0 a.m.27 views

Lock account after multiple login failure

For security purposes, it is desirable to have a mechanism to lock an account if the user attempted multiple login unsuccessfully. Perhaps something like what they are doing here: http://jira.codehaus.org/browse/CONTINUUM-796 See also:...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/09/03 7:23 a.m.27 views

XSS vulnerability in Confluence Space Names

We have identified and fixed a cross-site scripting XSS vulnerability in Confluence Space Names. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An attacker's te...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/07/28 4:42 p.m.27 views

NullPointerException when there are no cookies and AccessLogRequestInfo is enabled

When using the filter-list and project-list plugins I ran into an issue where NullPointerExceptions were being thrown. I turned out the issue is in AccessLogRequestInfo when the Cookie header doesn't exists. The line that causes the exception is a log.debug line. I am including a patch that check...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/06/21 3:46 a.m.27 views

XSS vulnerability in Contributors macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence \contributors macro. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/02/04 9:0 p.m.27 views

Confluence adminsistrators can still view a restricted page if the type in the URL or click on a link in an email

If I set page viewing restrictions on a wki page to one group of which I am a member, other users, including confluence adminsistrators, cannot see the page when navigating within the application. If they type in the URL of the restricted page or click on a link to the restricted page, then can...

2.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/01/14 8:33 p.m.27 views

CAPTCHA Option Should Exist for The Password Reset Form

The password reset prompt allows an individual to reset any user's password. My company uses a standard employee id to use for the JIRA username. With little knowledge, I designed a script that can cycle through employee id numbers and submit them to the reset password form. This process can repe...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/12/24 12:36 a.m.27 views

Unable to use HTTPS for login only

If you setup the urlrewrite.xml like so: noformat ^/s/.//download/images/^?. /images/$2 ^/s/.//^?. /$2 ^/login.action https https://localhost:8443/login.action ^/dologin.action https https://localhost:8443/dologin.action ^/. https /login.action. /dologin.action. /s/. http://localhost:8080/$...

7AI score
Exploits0
Atlassian
Atlassian
added 2009/10/09 1:2 a.m.27 views

Links from indexbrowser.jsp are vulnerable to XSS attacks

CONF-16888 has introduced or re-introduced an XSS vulnerability. To reproduce: Create a new user, and for the Full Name use: noformatalert'Vulnerable'noformat Go to ../admin/indexbrowser.jsp and find the entry Click on the entry, and the script is executed. This also happens for other content typ...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/05/20 6:5 p.m.27 views

CSRF attack message thrown when JSESSIONID is changed

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-15779. panel Symptoms: Anything that is using DWR will fail. Meaning: page editor is fully or partially unusable and it may...

Exploits0Affected Software1
Atlassian
Atlassian
added 2009/05/20 6:5 p.m.27 views

CSRF attack message thrown when JSESSIONID is changed

Symptoms: Anything that is using DWR will fail. Meaning: page editor is fully or partially unusable and it may display the text "Draft saving timed out" on top of the text area. At the same time, the following error messages are printed in the Confluence log: noformat 2009-05-15 08:06:36,011 ERRO...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/05/14 3:26 a.m.27 views

Prevent global settings from being accidentally overwritten

On a number of occasions, upgrading Extranet has triggered some kind of bug that has caused the global settings to be reset to their default values. The most obvious cause of this is that some piece of code has created a new Settings object and saved it through the settings manager. One way to...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/11/12 10:32 a.m.27 views

Repository Security improvement - the default for creating a new repository should be restricted to admins until specifically configured.

I just noticed that when setting up repositories, they were created with 'default' which mean if public sign up was on, they were able to see the repos. For the sake of security, a fresh install should default to restricting access to admins, perhaps through a default-created group 'admins'. Anon...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/10/20 8:13 a.m.27 views

XSS bug in wiki markup link rendering

The following wikimarkup creates links with an onclick event. noformat test link|mailto:[email protected]" onclick="alert'hi. I am a fun onclick event' test link|mailto:[email protected]" onclick="alert'hi. I am a fun onclick event' noformat This is due to the following code in...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/08/25 10:28 a.m.27 views

Hidden pages' content can be viewed without permission using copypage.action

If the id of a page is known by a user, that user can view the content of the page without having permissions to the space it is in. They need only construct the right URL. EG: Two spaces A and B Page with id 1 is in Space A User cannot see Space A User can see Space B The following URL will allo...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/04/24 5:54 a.m.27 views

Implement login using google Authentication

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-14866. panel We are a small company , and we are using Google for mail , calender etc ... For now we are using open ldap to authenticate user...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/04/15 12:31 a.m.27 views

Users can move attachments to a space they have no permission for

Any user with permission to edit pages in a space can move attachments in that space to any page in Confluence. Eg: suppose we have a user named StandardUser who has permission to edit pages in GeneralSpace, but no permission to view or edit RestrictedSpace, which contains a page predictably name...

1.5AI score
Exploits0
Atlassian
Atlassian
added 2007/10/12 10:49 p.m.27 views

Security Issue: XSS in wiki exception error page

The confluence wiki does contain a XSS possibility in the exception error page. The user input string is NOT output encoded at following lines: a - - Query String: url=alertdocument.cookie b - javax.servlet.forward.querystring : url=alertdocument.cookie c - atlassian.core.seraph.original.url :...

6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/09/13 8:15 a.m.27 views

XSS Bug in printable link display

A Cross sites scripting vulnerability exists in macro used to render the 'printable' link. Here is an exploit for the vulnerability that works https://servername/wiki/display/a/2007/09/%22%3E%3Cscript%3Ealert'Watchfire%20XSS%20Test%20Successful'%3C/script%3E Bug was found using APPScan...

6.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/03/15 10:8 p.m.27 views

Implement user lockout mechanism to stop bruteforce login attacks

Hacker can try as many time he wants to login JIRA. You can build client, which sends username+password combinations as many time as you like. .. and if you have username, it is much easier to get in. ---- Implementation ideas: 1 Lock user after sequential X incorrect logins - X can be set by...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2004/09/17 9:37 a.m.27 views

MoveIssue does not keep the security issue level after the move.

MoveIssue does not keep the security issue level after the move...

1.3AI score
Exploits0
Atlassian
Atlassian
added 2026/05/11 11:29 p.m.26 views

Covert timing channel vulnerability at Bouncy Castle dependency at Crucible Server

This High severity Covert timing channel vulnerability was introduced in version 4.9.0 of Crucible Server. Atlassian recommends that Crucible Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Crucible Da...

9.9CVSS5.8AI score0.00691EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.26 views

HTTP Request/Response Smuggling Apache Tomcat Dependency in Confluence Data Center

This High severity HTTP Request/Response Smuggling vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request/Response Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00453EPSS
Exploits0
Atlassian
Atlassian
added 2025/04/01 5:12 a.m.26 views

DoS (Denial of Service) net.minidev:json-smart Dependency in Bamboo Data Center and Server

This High severity net.minidev:json-smart Dependency vulnerability was introduced in versions 9.6.0, 10.0.0-rc5, 10.1.0, and 10.2.0 of Bamboo Data Center and Server. This net.minidev:json-smart Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS7.2AI score0.01119EPSS
Exploits1
Atlassian
Atlassian
added 2025/02/01 7:12 a.m.26 views

DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Bamboo Data Center and Server

This High severity com.thoughtworks.xstream:xstream Dependency vulnerability was introduced in versions 9.1.0, 9.2.1, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 10.0.0-rc5, 10.1.0, and 10.2.0 of Bamboo Data Center and Server. This com.thoughtworks.xstream:xstream Dependency vulnerability, with a CVSS Score of 7...

7.5CVSS7.6AI score0.02015EPSS
Exploits0
Atlassian
Atlassian
added 2025/01/14 8:14 a.m.26 views

DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Bitbucket Data Center and Server

This High severity com.thoughtworks.xstream:xstream Dependency vulnerability was introduced in versions 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0, 8.15.0, 8.16.0, 8.17.0, 8.18.0, 8.19.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, and 9.4.0 of Bitbucket Data Center and Server. This...

7.5CVSS7.6AI score0.02015EPSS
Exploits0
Atlassian
Atlassian
added 2024/11/07 9:12 a.m.26 views

DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Crowd Data Center and Server

This High severity org.apache.tomcat:tomcat-coyote Dependency vulnerability was introduced in versions 5.2.0, 5.3.0, and 6.0.0 of Crowd Data Center and Server. This org.apache.tomcat:tomcat-coyote Dependency vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of...

8.6CVSS7.1AI score0.01702EPSS
Exploits0
Atlassian
Atlassian
added 2024/11/04 11:11 p.m.26 views

DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Bamboo Data Center and Server

This High severity org.apache.tomcat:tomcat-coyote Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server. This org.apache.tomcat:tomcat-coyote Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS7AI score0.23072EPSS
Exploits1
Atlassian
Atlassian
added 2024/10/14 3:58 p.m.26 views

Script execution via PDF as attachment - CVE-2021-39111

The attachment as PDF is a vulnerable PDFJS library. To confirm the vulnerability, we uploaded a PDF file containing a JavaScript. After opening a preview of the PDF file, the console displayed the message "Hello, xss is working," indicating that the JavaScript code had been successfully executed...

6.1CVSS7.3AI score0.00978EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2024/05/14 12:49 p.m.26 views

The "Your Jira Issues" section on the Bitbucket dashboard is fetching images via the internal Application URL rather than the external Display URL

h3. Issue Summary This is reproducible on Data Center: yes h3. Steps to Reproduce Create an Application link to Jira Instance with different "Application" and 'Display URLs' !image-2024-05-14-18-13-31-601.png|thumbnail! Block the 'Application URL' access on the client system browser using...

7.1AI score
Exploits0
Atlassian
Atlassian
added 2024/02/07 3:37 a.m.26 views

Merge Conflict PRs in Confluence-frontend-plugin

Merge Conflict PRs in Confluence-frontend-plugin after NPM Audit Fix...

7.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2023/12/01 3:1 p.m.26 views

Confluence XHR requests have the wrong content type

h3. Problem Watching or Stop watching a Confluence page and other operations see below list of identified endpoints will generate a request like the one below copied as curl from HAR capture for convenience: code:java curl 'https://confluence/rest/api/user/watch/content/9999999' \ -X 'DELETE' \ -...

7.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2023/08/11 10:30 a.m.26 views

Smart commits are processed in Jira for repositories without smart commits when synced via git webhooks

h3. Issue Summary This is reproducible on Data Center: yes Explanation: This bug shows up only for integration using webhooks. Smar commits works correctly when data is being synced during hourly polling job. Environment requirements: Jira needs to be available for Git instance to let git webhook...

6.8AI score
Exploits0
Atlassian
Atlassian
added 2023/05/16 9:34 a.m.26 views

User enumeration security issue when external authentication server is used

h3. Issue Summary This is reproducible on all Atlassian on-prem products that use LDAP or any other external server for authentication. It is possible to find out which usernames exists in the system and which do not exist by studying the response times it takes for a server to process a login...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2022/10/31 12:2 p.m.26 views

Putting a word in quotes and having the > character in the summary allows scripts to execute

h3. Issue Summary If you have a summary with a word in double quotes, similar to "Something" and have the character. Then you can execute actions through tags in the summary This is reproducible on Data Center: Yes h3. Steps to Reproduce This can be reproduced when editing and creating an issue...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2022/08/24 9:34 a.m.26 views

Template Injection in Email Templates leads to RCE on Jira Service Management Server

Affected versions of Atlassian Jira Service Management Server and Data Center allows JIRA Administrators to execute arbitrary system commands via a template injection in the endpoint /admin/EmailTemplatesSettings!default.jspa. The affected versions are before version 8.13.19, from version 8.14.0...

6.7AI score
Exploits0
Atlassian
Atlassian
added 2022/03/16 5:14 a.m.26 views

Admin user can toggle JMX monitoring without WebSudo validation

Affected versions of Atlassian Jira Server and Data Center allow attackers with administrator privileges to bypass WebSudo validation in order to toggle JMX monitoring, via a Broken Access Control vulnerability in the JmxMonitoringAction.jspa endpoint. The affected versions are before version...

6.4AI score
Exploits0
Atlassian
Atlassian
added 2021/11/02 9:56 a.m.26 views

Upgrade Confluence to latest Adopt OpenJDK versions 11.0.13

h3. Issue Summary Upgrade Confluence to latest Adopt OpenJDK versions 11.0.13...

3.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/05/20 10:43 p.m.26 views

Bitbucket XSS, privilege escalation from "Project Creator" to "System admin" on project deletion

This vulnerability affects certain versions of Atlassian Dev Tools. Please describe the impact of the vulnerability here. No known vulnerability could be read off of the parent...

5.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2020/04/29 9:16 a.m.26 views

About Jira page can be accessed anonymously

h3. Issue Summary "About Jira" page can be accessed anonymously. This can expose the Jira application versions. Some customers might want to prevent this information from being available as it could be used to target other vulnerabilities specific to the version. h3. Steps to Reproduce Access...

0.9AI score
Exploits0
Atlassian
Atlassian
added 2020/01/29 11:27 p.m.26 views

Information disclosure of project key existence vulnerability in Jira - CVE-2019-20403

The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to determine if a Jira project key exists or not via an information disclosure vulnerability...

5.3CVSS5.1AI score0.0147EPSS
Exploits0
Atlassian
Atlassian
added 2019/12/17 3:46 a.m.26 views

Information disclosure in the listEntityLinks servlet resource of the Application links plugin - CVE-2019-15011

The version of the Application Links plugin used in Jira before version 8.4.2 allows remote attackers to obtain information about configured application links via a missing permissions check. See https://ecosystem.atlassian.net/browse/APL-1386 for more details...

4.3CVSS3.1AI score0.00915EPSS
Exploits0
Atlassian
Atlassian
added 2019/12/10 2:35 a.m.26 views

Improper authorization vulnerability in the /json/profile/removeStarAjax.do resource - CVE-2019-15009

The /json/profile/removeStarAjax.do resource in Atlassian Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability...

4.3CVSS6.3AI score0.00732EPSS
Exploits0
Total number of security vulnerabilities4295