Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
•added 2013/12/17 1:41 p.m.•25 views

Enabling the XSRF in Bamboo cause the integration with JIRA 6.1.5 to break

Steps to reproduce: install JIRA 6.1.5 install Bamboo 5.3. Make sure the "Enable XSRF protection" is enabled via Bamboo Admin Security Security Settings integrate JIRA with Bamboo using Oauth authentication OR Basic Access OR Trusted Application in the JIRA UI, it will shows that JIRA can't conne...

1.7AI score
Exploits0
Atlassian
Atlassian
•added 2013/12/09 2:57 p.m.•25 views

The color of the issue security field should be configureable or black

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-36126. panel The color of the issue secuity field is red. Why? The color should be configureable or black, like other fields. I have already...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/11/22 3:8 a.m.•25 views

JIRA Workflow Step Property jira.permission.browse allows you to view issues in issue navigator

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-35917. panel h3. Summary The JIRA Workflow Step Property jira.permission.browse does not prevent you to view issues in issue navigator. h3...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/09/20 5:4 p.m.•25 views

Unauthenticated enumeration of resource information via tinymce plugin

It is possible for unauthenticated users to retrieve a large amount of information from a Confluence instance, including page titles, attachment filenames, and username, by making calls to the link REST API in the confluence-tinymce-plugin. This is effective even when the anonymous user does not...

2.8AI score
Exploits0
Atlassian
Atlassian
•added 2013/09/17 9:4 a.m.•25 views

Default application configuration files are available for download

h3. Summary of The Bug By browsing to the following URL path user would be able to download any files under /confluence/WEB-INF/... code/s/1519/3/1.0//WEB-INF/...code The above URL will be accessible by any users including anonymous even to an instance that does not allow anonymous access h5. Not...

2.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/09/11 7:3 a.m.•25 views

Arbitrary file creation in AbstractRendererExporterImpl

To reproduce: 1. Create a new space. 2. Create a new page. 3. Attach a file called test.txt to the page. 3. Edit the page, and add an image with the URL: code /confluence/s/download/attachments/pageid//../../../../../../../../../../../../tmp/test.txt code \pageid\ must be replaced with the actual...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/08/09 4:40 a.m.•25 views

Reflected XSS in 'where' param of doSearchSite

Olivier Beg reported quote noformathttps://confluence.atlassian.com/dosearchsite.action?queryString=%22%3E&startIndex=0&lastModified=LASTWEEK&where=confall%22%3E%3Cimg%20src=x%20onerror=alert1%3Enoformat I asume he is DOM based because he works in google chrome. quote This results in code:html co...

1.4AI score
Exploits0
Atlassian
Atlassian
•added 2013/07/11 8:18 a.m.•25 views

Some of the REST resources in Navigator plugin are susceptible to XSRF attacks

Most of the REST resources in the Navigator plugin accept "x-www-form-urlencoded" bodies but do not check for an XSRF token when making mutative changes. For example: SaveFilterResource: Allow XSRF attack to change user's filter. SuppressedTipsResource UserSearchModeResource...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/07/01 4:53 a.m.•25 views

Reflected XSS in JIRA Admin Panel (Delete User)

The 'name' param in jira-components/jira-webapp/src/main/webapp/secure/admin/user/views/deleteuserconfirm.jsp is not sanitised, enabling arbitrary html/script execution. A url to demonstrate this issue is:...

1.2AI score
Exploits0
Atlassian
Atlassian
•added 2013/06/24 5:18 p.m.•25 views

JSON-RPC API functions available anonymously even though anonymous API access is disabled.

The summary says it all really. The functions listed below can be used on our confluence service even though we have Anonymous API Access disabled check box not checked in admin control panel. This is an issue when it comes to confluence sites that have sensitive user or group information...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/03/12 11:37 p.m.•25 views

Security enhancement: do not allow POST parameters to be used in GETs

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-32076. panel My company's security team ran a vulnerability scan against our JIRA and found this issue. They advised me to bring it to your...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/01/08 12:16 p.m.•25 views

Default application configuration files are available for download

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-27693. panel h3. Summary of The Bug By browsing to the following URL path user would be able to download any files under...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2013/01/02 4:17 a.m.•25 views

Reflected xss in the jira-gadgets-plugin getLabelGroups rest resource

The jira-gadgets-plugin LabelsResource class exposes a getLabelGroups rest resource that is vulnerable to reflected xss through the user supplied 'project' path parameter. The vulnerability is caused by building an error response message with a content type of text/html and not html encoding the...

0.2AI score
Exploits0
Atlassian
Atlassian
•added 2012/10/08 1:32 a.m.•25 views

persistent xss in a user's username within mentions within comments

A user's username is injected into the "rel" attribute of the user mention link without being encoded properly. This means that if the username contains a " character then new attributes can be injected into the user mention link element. Hence, providing a persistent xss vector. To reproduce thi...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/10/04 2:46 a.m.•25 views

SQL injection in DefaultReferralManager

In confluence-core/confluence/src/java/com/atlassian/confluence/links/DefaultReferralManager.java the DefaultReferralManager class the deleteReferrersWithPrefix method is vulnerable to sql injection through the user controlled 'prefix' parameter. It is possible to exploit this issue as an Admin...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/07/31 9:7 a.m.•25 views

ldap injection in the custom atlassian authentication code

The custom atlassian ldap authentication code is vulnerable to ldap injection. The method which is vulnerable to ldap injection is the searchUser method, where the 'filter' parameter third argument to the searchs ldap method is passed through without using ldap.filter on it first. The code should...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/07/27 1:56 a.m.•25 views

Potential remote code execution due to embedding of old django-piston

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46819. panel The exposed atlassian api for forummodules found under forummodules/atlassian/api uses an outdated version of...

2.4AI score
Exploits0
Atlassian
Atlassian
•added 2012/07/17 11:27 a.m.•25 views

Add an option in User Directory settings to make an SSL LDAP connection but without verifying that the hostname and certificate match

h5. Note - as of Confluence 5.1.3 you can make an SSL LDAP connection that doesn't verify that the hostname and certificate match by unchecking this box when configuring your user directory: !Screen Shot 2013-04-16 at 3.10.37 PM.png! ---- h5. Original issue description Starting Confluence 4.2, th...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/07/03 7:8 a.m.•25 views

XSS vulnerability in Office Connector plugin

From: OFFCONN-81: Using "office excel"-macro as part of viewfile, which is part of office connector plugin seems to open up the possibility to get injected with XSS-code. Steps to reproduce: 1. Create an excel-file with following content in one cell: code '"alert'XSS' code 2. Attach this file to ...

0.9AI score
Exploits0
Atlassian
Atlassian
•added 2012/05/13 12:43 p.m.•25 views

persistent xss through svg file attachment download

The fix for CONF-22132 was not sufficient because "svg" files are not "said" to be xml by the isXml method. This means that is possible for a malicious party to upload a svg file containing html/javascript which will be rendered in victim's web browser. This bug should have been raised a while ag...

1.4AI score
Exploits0
Atlassian
Atlassian
•added 2012/05/07 6:55 a.m.•25 views

The "user" Dark Features page is vulnerable to XSRF/csrf

The "User Dark Features" page located at $host/secure/ViewProfile.jspa?selectedTab=jira.user.profile.panels:up-darkfeatures-panel allows users to add dark features which only affect themselves. However, it is not protected against XSRF attacks. Note: the 'value' of dark features is not properly...

1.3AI score
Exploits0
Atlassian
Atlassian
•added 2012/03/27 6:46 p.m.•25 views

Improve the default SSL cipherset in standalone JIRA setup

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-27681. panel We are concerned about 'SSL Weak Cipher Suites Supported' and 'SSL Medium Strength Cipher Suites Suppored'. Any suggestions woul...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/01/08 11:39 p.m.•25 views

Provide an abstract Seraph authenticator for SSO authenticators to subclass that reduces the plumbing code required to interact with Embedded Crowd

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-24358. panel This is currently the most comprehensive version I have so far compiled of the code a custom SSO authenticator for...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/10/26 2:13 a.m.•25 views

XSS vulnerability in /agent/configureAgents resource

We have identified and fixed a reflected cross-site scripting XSS vulnerability in the Bamboo configureAgents resource. This issue is reported in our security advisory on this page: https://confluence.atlassian.com/x/rQP5FQ You can read more about XSS attacks at:...

0.2AI score
Exploits0
Atlassian
Atlassian
•added 2011/10/26 2:8 a.m.•25 views

XSS vulnerability in /agent/viewAgent.action resource

We have identified and fixed a reflected cross-site scripting XSS vulnerability in the Bamboo viewAgent.action resource. This issue is reported in our security advisory on this page: https://confluence.atlassian.com/x/rQP5FQ You can read more about XSS attacks at:...

Exploits0
Atlassian
Atlassian
•added 2011/10/26 1:57 a.m.•25 views

XSS vulnerability in default 'internal server error' page

We have identified and fixed a reflected cross-site scripting XSS vulnerability in the Bamboo default 'internal server error' page. This issue is reported in our security advisory on this page: https://confluence.atlassian.com/x/rQP5FQ You can read more about XSS attacks at:...

5.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/08/25 3:13 p.m.•25 views

Better error message when viewing an embedded calendar as an unprivileged user

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-51101. panel On our site's dashboard I have a calendar macro defined as:...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/07/01 10:40 a.m.•25 views

Web Sudo should be able to be subverted for non browsers (eg scripts) via a HTTP header

We do this for XSRF protection. Basically you should be able to subvert the web sudo mechanism via a HTTP header. This posts shows the use case https://answers.atlassian.com/questions/1273/jira-jelly-runner-via-cron-in-v4-3-4 I believe it just as secure since web sudo is really design to stop som...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/05/30 7:4 p.m.•25 views

Cross-Site Request Forgery

Cross-Site Request Forgery Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that the application is succeptible to Cross-Site Request Forgery attacks within this URL: /jira/plugins/servlet/streamscomments This vulnerability enables...

7.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/05/11 7:3 a.m.•25 views

XSS vulnerability in doeditmysettings.action

This vulnerability affects all versions from 3.5 and above. We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence settings editing action. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/04/28 4:55 a.m.•25 views

XSS vulnerability in login.action

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence login action. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at various places on the web, including these:...

0.1AI score
Exploits0
Atlassian
Atlassian
•added 2011/03/14 5:44 a.m.•25 views

XSRF token broken when you edit an Issue Type Scheme

If you click the Edit link beside the currently selected Issue Type Scheme on a Project Summary page and then click Save on the next screen you get an XSRF token missing error...

0.9AI score
Exploits0
Atlassian
Atlassian
•added 2010/09/23 1:6 a.m.•25 views

XSS vulnerability in space key, particularly with decorators off

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-20865. panel As discovered while looking at CONF-20667, Confluence stores the space key unencoded in a content tag. Considerable...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/06/17 8:46 a.m.•25 views

Can not UPDATE the "Viewable By" field of an issue

After the creation of an issue it is by default viewable by "All Users". It is not possible to change the value after re-editing that issue. After changing it and clicking the "Update" button, the viewable by entry stays "All Users"...

3.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/27 4:58 a.m.•25 views

XSS in page renderer

An XSS vulnerability has been identified in the page renderer. This issue provides a fix for this problem. The severity of this issue is rated HIGH. Please see http://confluence.atlassian.com/x/ZILmD for other security related issues as well as more information on how we rate issues...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/27 1:3 a.m.•25 views

Put a new security log into JIRA so that important events can be specifically logged

The idea is to have a specific atlassian-jira-security.log that contains important events such as user logged in, logged out, session created and so on. This would allow for more specific information about how is logged into JIRA and when. This has been mooted for a while and is now being done in...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 4:0 a.m.•25 views

The list of Confluence administrators is accessible via a URL

Confluence exposes a list of the administrators. This issue corrects this by removing the list and providing the user with a form that can be used to send e-mail to all the relevant administrators on the user's behalf...

4.2AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/22 12:36 a.m.•25 views

XSS Bookmark vulnerabilities

The Add bookmark page is vulnerable to XSS attacks...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/18 1:44 a.m.•25 views

The current CAPTCHA implementation may not be secure

The current CAPTCHA implementation displays a different message if the CAPTCHA is being displayed and the captcha is entered correctly but the password for the user is not, than if the CAPTCHA is entered incorrectly. This is giving away more information than a login screen should. The error messa...

0.5AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/08 8:10 p.m.•25 views

Signing in with username with different case creates new user

We currently utilize LDAP for our user repository and allow users to be automatically added to crucible if they can successfully authenticate. We have recently received complaints from users that their names were showing up two times in reviews. After some analysis we saw that there were 2...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/01/20 6:41 p.m.•25 views

autocomplete box in page restrictions finds deleted users, wrong usernames

We recently migrated our user management from JIRA to Crowd, our Confluence instance used to link to JIRA for authentication, and now links to Crowd. We now found that, when editing the restrictions on individual pages, the autocomplete feature in that dialog acts strange: Users that have been...

0.7AI score
Exploits0
Atlassian
Atlassian
•added 2009/10/21 1:33 a.m.•25 views

Confluence users should inherit permissions from the anonymous user

This has been derived from CONF-4955|http://jira.atlassian.com/browse/CONF-4955. The above seems to have been fixed for registered groups only, not individual users who do not belong to any groups in Confluence, but have "Can Use" permission. If a user is a member of a specific group, the anonymo...

3.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/10/09 1:2 a.m.•25 views

Links from indexbrowser.jsp are vulnerable to XSS attacks

CONF-16888 has introduced or re-introduced an XSS vulnerability. To reproduce: Create a new user, and for the Full Name use: noformatalert'Vulnerable'noformat Go to ../admin/indexbrowser.jsp and find the entry Click on the entry, and the script is executed. This also happens for other content typ...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/10/09 1:2 a.m.•25 views

Links from indexbrowser.jsp are vulnerable to XSS attacks

CONF-16888 has introduced or re-introduced an XSS vulnerability. To reproduce: Create a new user, and for the Full Name use: noformatalert'Vulnerable'noformat Go to ../admin/indexbrowser.jsp and find the entry Click on the entry, and the script is executed. This also happens for other content typ...

0.5AI score
Exploits0
Atlassian
Atlassian
•added 2009/06/18 1:45 p.m.•25 views

Directory traversal in Profile Picture path - leads to privilege escalation in < 3.0

Confluence allows its users to specify a "Profile Picture," an image that appears on many pages related to the user. A user can either upload a custom image, or select one from a set provided by Confluence. Confluence uses the /users/doeditmyprofilepicture.action path to process requests to chang...

7.2AI score
Exploits0
Atlassian
Atlassian
•added 2009/05/26 1:29 a.m.•25 views

XSS in concurrent edit notification

If a page is being editted by noformat alert'hacked' noformat and another user edits it at the same time, they are vulnerable to a potential XSS attack...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/05/07 2:13 a.m.•25 views

The i18n in velocity templates does not auto html encode parameters

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-15548. panel All the getText methods on com.atlassian.confluence.util.i18n.DefaultI18NBean are anontated as HtmlSafe which means...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/02/04 3:15 p.m.•25 views

Email notifications for jiraissues macro reflect page owner permissions rather than permissions of notified user...

When a notification is sent out for a page that includes the \jiraissues\ macro, the list of issues is based on the page owner's permissions rather than the notified user's permissions. Here are the steps to reproduce: Set up the trust relationship between your JIRA and Confluence installs Create...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/01/15 11:31 p.m.•25 views

Forgot Password/Crowd Integration exception handling and regex improvements

If JIRA is integrated with Crowd, and Crowd has password restrictions e.g. regex, a user will receive a stack trace in JIRA if the new password does not meet Crowd's password requirements e.g. through the Forgot Password link in JIRA. noformat java.lang.IllegalArgumentException: Could not change...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/12/16 5:40 a.m.•25 views

Get 500 when trying to communicate to confluence via trusted apps.

Steps to reproduce. 1 Install confluence 2.9.2 and crucible 1.6.5 2 Setup trusted apps to crucible specify a "IP address Matches as 10.0.100.123 3 Install the confluence crucible plugin...

0.3AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295