Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2017/12/14 11:55 p.m.23 views

Authentication fails using SSH keys since 2.3.5

Neither the Pagent agent or OpenSSH is working to authenticate since I upgraded. Switching SSH services makes no difference. If I go to the command line, using ssh -i identfile I have no issues authenticating to any system. Other symptoms include the terminal not going to the repository but using...

1.3AI score
Exploits0
Atlassian
Atlassian
added 2017/11/27 8:44 a.m.23 views

JQuery Update to the latest version

h3. Definition JQuery is currently at version 1.7.2 where it contains 1 medium security vulnerability. h3. Suggestion To update the JQuery version that does not have a vulnerability threat...

3.2AI score
Exploits0
Atlassian
Atlassian
added 2017/08/21 8:53 p.m.23 views

An issue can be linked to by ID even if link and browse permissions are absent

h3. Problem Definition: If you remove the Link Issues Permission and Browse Projects Permission a user can still create a link if they use the issue key. h3. Steps to Reproduce Create a Project Role and remove the "Browse Projects" and "Link Issues" permissions from that role in a target-project...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2017/08/18 3:7 a.m.23 views

Missing authorization check in Team Calendar addon

We received external report about missing authorization check in Team Calendar addon quote I found a broken authentication in Confluence Team calendar. A restricted team calendar that only related to a certain restricted space and can only be viewed by the creater himself show up in his profile...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2017/05/24 3:23 p.m.23 views

Other SD Projects Knowledge Base are accessible through direct link

h3. Summary: If a Customer only able to access one SD Portal and log in to Confluence, it is actually possible for that Customer to access other SD Project KBs through a Direct URL Link including navigating the space. h3. Steps to Reproduce: Prepare a JIRA instance that is connected to Confluence...

1.2AI score
Exploits0
Atlassian
Atlassian
added 2017/05/05 2:23 p.m.23 views

Security Issue: REST API does not respect 'Allow Anonymous Access to Remote API' setting on pages that has anonymous access

h3. Summary Anonymous API access are allowed on on pages that has Anonymous View Permission, even though the 'Allow Anonymous Access to Remote API' setting not ticked h3. Steps to Reproduce Make sure that 'Allow Anonymous Access to Remote API' setting from Confluence Administration Security...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2017/01/19 9:31 a.m.23 views

Update application-links to fix APL-1327

Now that https://ecosystem.atlassian.net/browse/APL-1327 has been fixed, upgrade application-links to a version that contains a fix for it. In this case Fecru would update application-links from version 5.2.3 the version comes from the platform pom to version 5.2.4...

1.6AI score
Exploits0
Atlassian
Atlassian
added 2016/11/28 4:10 a.m.23 views

Update atlassian-gadgets in Confluence to fix AG-1502/ACG-5

For Confluence Server as https://ecosystem.atlassian.net/browse/AG-1502 has been fixed, upgrade atlassian-gadgets to a version = 4.2.14 to pick up a fix for AG-1502. For Confluence Cloud as https://ecosystem.atlassian.net/browse/ACG-5 has been fixed, upgrade atlassian-gadgets to a version = 5.1.1...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/09/07 10:25 a.m.23 views

If user is restricted to only view the space they should not be able to create or import a calendar

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-48465. panel panel:title=23 July 2019 Update|bgColor=e7f4fa Hi everyone, thank you for your interest in this ticket. After...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2016/07/07 9:52 p.m.23 views

XSS in newFileName Field

From an external report: quote Confluence recently has been tested and, as a result, we were able to verify the existence of at least one persistent XSS vulnerability. This vulnerability is present in the Edit Attachment feature — specifically in the newFileName field — accessible through the...

6.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/06/01 6:40 a.m.23 views

JIRA puts a user's XSRF token in various resources.

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61250. panel h5. Steps to Reproduce: Log into JIRA Log out from JIRA h5. Expected Results: The URL shown in the address bar does not show the...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/04/20 7:41 a.m.23 views

Drop support Windows Quicktime plugin from Confluence multimedia plugin

The US Govt is recommending users should uninstall Quicktime for Windows http://krebsonsecurity.com/2016/04/us-cert-to-windows-users-dump-apple-quicktime/ In order to assist users transition we need to drop support for Quicktime plugin from Multimedia plugins and use the "video" tag instead...

3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/12/04 6:12 a.m.23 views

Upgrade to version 3.2.2 of apache commons-collections

quote This v3.2.2 release is a bugfix release, fixing several bugs present in the previous releases of the 3.2 branch. Additionally, this release provides a mitigation for a known remote code exploitation via the standard java object serialization mechanism. By default, serialization support for...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2015/10/05 10:0 p.m.23 views

Cross-Site Scripting in subscribetocalendar.action

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-48910. panel The contents of the 'subCalendarId' parameter is not validated in POST requests to 'subscribetocalendar.action' an...

6.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/08/04 1:6 p.m.23 views

Workbox Plugin loads full HTML of JIRA comment, leads to GC loop of death on large comment

To reproduce: start Confluence with GC logging enabled optional, but helps Link Confluence and JIRA create an issue in JIRA watch it add a large comment to the JIRA issue, e.g. paste a 7.7MB log file between \code\ tags open the workbox in Confluence optional: in network tab of web developer tool...

7.2AI score
Exploits0
Atlassian
Atlassian
added 2015/07/08 2:41 a.m.23 views

Stop Watching Page in email footer is broken

The link is broken, the error message says that the security token is missing...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/07/08 2:41 a.m.23 views

Stop Watching Page in email footer is broken

The link is broken, the error message says that the security token is missing...

1.9AI score
Exploits0
Atlassian
Atlassian
added 2015/07/01 9:14 p.m.23 views

As a Confluence Administrator, I would like to configure the 'Attachment Download Security Policy' on a per space basis

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-38125. panel h3. Problem Definition As a Confluence Administrator, I would like to configure the 'Attachment Download Security...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/04/23 11:6 a.m.23 views

Modernize Confluence Backup & Restore

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-37322. panel As a User in all possible roles in order to save time & money and prevent unintended problems caused by the current...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/04/08 10:58 a.m.23 views

Update Java version bundled in the installer

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-37164. panel The version of Java bundled with Confluence is 1.7.015 which is a little bit dated February 2013. We should bundle...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/02/26 12:9 a.m.23 views

XSRF - complete task request omits atl-token

Potential XSRF vulnerability in tasks. No atl-token is present in the request to complete a task which suggests an attacker may be able to craft a cross site request forgery and action a task without the correct authorisation...

3.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/02/13 12:27 a.m.23 views

Crucible does not clear all Tokens when Browser is Closed

Problem Closing a browser ends the user session. When the user re-opens the browser and accesses Crucible, there is no login prompt and Crucible treats it like an authenticated user. Any page loads after the initial will result in the user being directed to the login page. Steps to Reproduce Have...

6.8AI score
Exploits0
Atlassian
Atlassian
added 2015/02/07 12:44 a.m.23 views

Application Navigator shows full list of links, including restricted ones

If a user has access to JIRA, but not Confluence, and try to go to a Confluence page, the access error page itself will have the hamburger menu with a full, unrestricted list of all links set up. We have a couple links pointing to code repositories and an older, archived issue tracker. The former...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/02/05 8:33 p.m.23 views

Authentication fails on Push to Stash

When I attempt to Push commit of a few dozen files to the Stash-hosted Git repository, I receive the attached error indicating an authentication failure...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/01/13 9:50 a.m.23 views

User receiving notification from a restricted space

h6. Steps to replicate Download Confluence 5.5.2. Create an user "test". Create a group "testing". Add the user "test" into group "testing". Create a space name "Permission". Restrict the space to group "testing". Access Confluence as user "Test". Access the page name "Permission" and watch the...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/12/02 7:41 a.m.23 views

XSS vulnerability in "children" macro when displaying excerpts

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-35777. panel - Create a parent page A with a child page B - Add an \excerpt\ macro to B containing the text alert"Gotcha!"; - Ad...

0.9AI score
Exploits0
Atlassian
Atlassian
added 2014/08/15 12:38 p.m.23 views

Child pages permissions are not respected in Popular Tab

mfernandezbadii posted this on CONF-33207: quote I found that restricted child pages not the whole space, will still show on the Popular Tab. Example: User can browse a Space. Restricted page is created and user can't browse it or see it in the Popular Tab. Child page is created: User can't brows...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2014/07/22 5:5 a.m.23 views

XSS when adding Stash Linked Repositories

Stash server title in the "Stash server" dropdown is not being escaped and if it contains a script tag that script will be eval'd. Our Stash QA test data has the server title "Welcome to alert666 Long Ståш Title with ..." which causes the "666" to alert when the "Add repository" button is clicked...

Exploits0
Atlassian
Atlassian
added 2014/06/24 6:34 a.m.23 views

Reflected XSS affecting JIRA via Gadgets

Steps to recreate: 1. To view the reflected XSS affecting JIRA, present on the current JIRA installation jira.atlassian.com visit the following link: noformat...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/16 3:56 p.m.23 views

Disabled user are still able to request for password reset email.

h3. Step to Reproduce: Disable a user test in Crowd administration console make sure that there is no duplicate user Request password reset for the disabled user test h3. Expected result No mail will be sent to disabled account. h3. Observerd Result. The disabled user still receive the password...

0.9AI score
Exploits0
Atlassian
Atlassian
added 2014/06/10 5:53 a.m.23 views

XSS in FilterSubscription

h4. To reproduce: Visit: code:none /secure/FilterSubscription!default.jspa?returnUrl=javascript:alert1 code Click "Cancel" An alert should appear This URL should be restricted to the current domain, and to http/https protocols...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/05 7:15 a.m.23 views

Domain restricted signup is creating enabled users on ApacheDS

When a user signs up to a Confluence instance that has domain restricted sign up enabled, they are normally created as disabled users and are unable to login. However, when the underlying user directory does not support disabling users, such as ApacheDS 1.5, then the user ends up being created as...

6.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/05/26 1:6 p.m.23 views

Indexable User Content (Attachments) on Google

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47021. panel User content uploaded onto answers.atlassian.com is indexable by Google due to the lack of appropriate indexing rul...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/05/22 12:50 p.m.23 views

Upgrading to 5.5.1 from 5.4.3 didn't update xwork from 1.13 to 1.17

We recently upgraded our instance following your security advisory. It was discovered shortly after the upgrade that the xwork file that was vulnerable 1.13 was not upgraded to the safe version 1.17. This could have just been specific to our instance but you should check your upgrade process and...

3.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/05/19 3:12 a.m.23 views

Stored XSS in OnDemand Confluence Header via username

This is from an external report. Creating a user with username: code " code and returning to the dashboard will demonstrate the script injection. This PoC will not work in Chrome/Chromium, but will in Firefox and other browsers that do not have such protective measures...

3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/05/19 3:12 a.m.23 views

Stored XSS in OnDemand Confluence Header via username

This is from an external report. Creating a user with username: code " code and returning to the dashboard will demonstrate the script injection. This PoC will not work in Chrome/Chromium, but will in Firefox and other browsers that do not have such protective measures...

3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/03/14 12:35 a.m.23 views

User avatar upload endpoint is vulnerable to XSRF

Stash, as 2.12, will allows users to upload local avatars to their account STASHDEV-6182. That upload is submitted to a non-API end point that accepts a POST request with the avatar as data-uri|https://en.wikipedia.org/wiki/DataUri. Currently, because the form is submitted by AJAX, the end point ...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/01/13 2:54 p.m.23 views

Whitelist or blacklist for inline attachment display

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-32204. panel Currently, there are three Attachment Download Security Policy: Default Insecure Secure !sample.png! It would be...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/12/11 7:33 p.m.23 views

Secure Mail Archive with Space Permissions

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-31945. panel Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visibl...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/10/13 11:42 p.m.23 views

CSRF in saveeditpagebean.action

EditPageAction, doSaveEditPageBean...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/10/08 5:0 a.m.23 views

XSS in reorder panel

To reproduce: 1. Open a confluence instance in Firefox. 2. Create a space with key "TEST". 3. Create a page in that space called "alert0". 4. Create two pages with the page from step 3 as their parent. 5. Go to: code:none base...

0.5AI score
Exploits0
Atlassian
Atlassian
added 2013/10/08 4:38 a.m.23 views

XSS in Hot Referrers

To reproduce: 1. Run the following command, replacing \PAGEURL with the URL of a new page and \USERNAME and \PASSWORD with your credentials if anonymous access is not enabled: code:none curl 'PAGEURL' -H 'Referer: https://example.com/x"xx' -u 'USERNAME:PASSWORD' -si code 2. Repeat step 1 a few...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/10/01 10:54 a.m.23 views

Reflected cross-site scripting (XSS) in dosearchsite action

The dosearchsite action is vulnerable to reflected cross-site scripting XSS via the searchQuery.spaceKey parameter. This vulnerability appears to be very similar to issue CONF-30318 and fixes implemented in response to that issue may fix this vulnerability. If the URL below is visited by an...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2013/09/17 9:4 a.m.23 views

Default application configuration files are available for download

h3. Summary of The Bug By browsing to the following URL path user would be able to download any files under /confluence/WEB-INF/... code/s/1519/3/1.0//WEB-INF/...code The above URL will be accessible by any users including anonymous even to an instance that does not allow anonymous access h5. Not...

2.7AI score
Exploits0
Atlassian
Atlassian
added 2013/09/16 1:47 p.m.23 views

OAuth Administration screen is visible to anonymous users

If anonymous user access is enabled under "Global Permission", user can access to "OAuth Administration" page without the need to log-in. Here is the URL to the page: /plugins/servlet/oauth/view-consumer-info This page display Confluence administrators menu on the sidebar and other information su...

2.5AI score
Exploits0
Atlassian
Atlassian
added 2013/09/16 5:41 a.m.23 views

Arbitrary file or URL download in ExportWordPageServer

To reproduce: 1. Create a new page. 2. Insert an image with URL: code:none file:///etc/passwd code Edit the page, click +, click Image, select the From the Web tab, enter the file: URL shown above, click Insert, click Save. The image appears invisible on some browsers, but you can verify its...

0.2AI score
Exploits0
Atlassian
Atlassian
added 2013/08/22 4:55 a.m.23 views

Make custom field description and options rendering consistent for OnDemand and BTF

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-34440. panel JIRA has different behaviour for how it renders custom field descriptions and options depending on if it's running BTF or on...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/08/02 12:15 a.m.23 views

XSS Vulnerability in About Me field

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46695. panel Steps to reproduce: In id.atlassian.com, add to your About me: code console.log' +++++ Hi Dennis ++++++'; code Save...

3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/11 8:18 a.m.23 views

Some of the REST resources in Navigator plugin are susceptible to XSRF attacks

Most of the REST resources in the Navigator plugin accept "x-www-form-urlencoded" bodies but do not check for an XSRF token when making mutative changes. For example: SaveFilterResource: Allow XSRF attack to change user's filter. SuppressedTipsResource UserSearchModeResource...

1.7AI score
Exploits0
Atlassian
Atlassian
added 2013/07/05 5:19 a.m.23 views

Webwork 2 code injection vulnerability

We have discovered a vulnerability in WebWork 2, which is a part of the Struts web framework. In specific circumstances, attackers can use this vulnerability to execute Java code of their choice on systems that use these frameworks. In case of Bamboo, the attacker needs to be able to access Bambo...

1.7AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295