Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2009/04/24 5:21 p.m.23 views

Shared Filter properties exposed without authentication

Some URLs are not protected by authentication which could expose some properties in JIRA that users may not wish to reveal. Example 1: Searching filters http://support.atlassian.com/secure/ManageFilters.jspa?filterView=search Example 2: Viewing properties of filters. I can see custom fields, sear...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/04/24 5:21 p.m.23 views

Shared Filter properties exposed without authentication

Some URLs are not protected by authentication which could expose some properties in JIRA that users may not wish to reveal. Example 1: Searching filters http://support.atlassian.com/secure/ManageFilters.jspa?filterView=search Example 2: Viewing properties of filters. I can see custom fields, sear...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/04/10 4:45 a.m.23 views

Partial space admin permission/authority

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-15172. panel I followed these guidelines, but this is not fine grained enough...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/04/09 1:34 a.m.23 views

Update JIRA certificate for Screenshot Applet and others. It expires in June 2009

See https://extranet.atlassian.com/jira/browse/ADM-3253 Move Steves branch into trunk in the process. Also I think the build environment might need direct updating...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/03/12 4:24 p.m.23 views

Vulnerable and pointless password storage on client computers

Given the following: -http://confluence.atlassian.com/display/DOC/Confluence+Cookies, which says "a one-way hash of the user's password" is stored in a browser cookie on the user's computer. -CSP-29692 case I opened with Atlassian support, which explained that EncryptionUtils.java is used to...

7.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/03/12 7:47 a.m.23 views

JIRA build information not included in dummy XML responses to search filter requests which users do not have access to

The build-info element is missing from the response to search filter XML requests. noformat https://support.atlassian.com/sr/jira.issueviews:searchrequest-xml/10593/SearchRequest-10593.xml?tempMax=100 noformat Happens if the user does not have access to the filter. See also...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/02/04 6:44 a.m.23 views

Fix header injection vulnerabilities

A number of vulnerabilities were found during JRA-16024 which expose JIRA to header injection attacks: Note that different application server configurations may expose or hide the presence of a header injection vulnerability. Standalone tomcat is usually not vulnerable. Tomcat 5.5.26 redirects al...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/01/28 9:58 p.m.23 views

Ability to grant Import/Export privileges to a group or a user

In our JIRA environment, we have several projects where each of the project admins uploads tasks from a CSV file into their respective project. Inorder for these project admins have the upload permissions, they need to be part of the JIRA System Administration group. This is unacceptable and is a...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/01/05 1:54 p.m.23 views

Assignment of JSESSIONIDs

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-14112. panel I believe it should be a feature in future versions of Confluence to assign a different JSESSIONID to the user's...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/11/28 5:50 a.m.23 views

Confluence displays ALL attachments when the following URL is viewed

i removed the space key from the URL for the normal space attachment viewing, and it displays all the attachments for all spaces in the install of Confluence, Irrispecitve of space and page level permission restrictions. For Example:...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/10/27 5:18 a.m.23 views

Confluence administrators (who are not necessarily sys admins) can configure whitelist

A user who has the "Confluence Administrator" permission, but not necessarily the "System Administrator" permission, can configure the new URL whitelist for the HTML-include and RSS macros. Is this good enough, from a security point of view?...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/09/17 9:4 p.m.23 views

It's possible to execute a workflow action without being logged in.

To reproduce, open Jira in two browser windows. In the first, navigate to an issue with an available workflow action. In the second, log out. In the first, perform one of the workflow actions. You'll see a page asking you to log back in, but the action has still been performed. To see this, in th...

2.9AI score
Exploits0
Atlassian
Atlassian
added 2008/09/15 4:5 p.m.23 views

Stored XSS in wiki macro search

Creating a page/comment etc with the following wiki-markup macro will render javascript on the page for anybody visiting this page search:query=alertdocument.cookie IMPORTANT: please confirm receipt of this notification! Depending on the response, we may report the vulnerability to publicly...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/03/18 3:16 a.m.23 views

XSS vulnerability in browseusers.vm

browseusers.vm does not escape usernames...

1.5AI score
Exploits0
Atlassian
Atlassian
added 2008/03/17 5:0 a.m.23 views

XSS vulnerability in pagepicker.action and spacepagepicker.action

The following URL's are vulnerable: - /users/pagepicker.action - /users/spacepagepicker.action on formname, fieldname and currentspace panel:bgColor=99ff99 h4. Patch instructions for 2.6.x and 2.7.x 1. Shut down Confluence 2. Copy attached pagepicker.vm to confluence/users/ 3. Start up Confluence...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/03/12 12:36 a.m.23 views

XSS vulnerabilities in create space action

The following URL's are vulnerable: - spaces/createspace-start.action - spaces/createspace.action on key and name parameters...

3.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/02/25 6:5 a.m.23 views

Users with view permissions on a space are able to delete (purge) pages they don't have permission to edit/access

If a user has at least view permissions on a space they can purge any page in that space using the URL: /pages/purgetrashitem.action?key=&contentId= and the right contentId and space key. A purge can be performed even if the page has not been marked for deletion. This issue has been replicated an...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/02/08 2:18 p.m.23 views

Seperate label permissions from edit issue permission

In 3.11 the labels plugin changed so that manipulating labels required the "Edit Issue" permission. This drastically impacted our organizations workflow, as we'd just introduced labels in our previous upgrade, and we don't give "edit issues" to all users, but we do want all authenticated users to...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/12/07 2:32 p.m.23 views

XSS vulnerability in recently updated and configure RSS feed actions

Our eSecurity team has identified a Cross Site Scripting issue with the confluence server as follows: Arbirtatry javascript can be injected in the following cases which can lead to escalated or invalid privileges being granted to an unauthorized user: 1...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/11/02 3:23 a.m.23 views

You are able to delete a Custom Field that is referenced in Permission settings.

If you add a User Custom Field as a permission in a permission scheme or issue level security scheme, you are then able to delete the Custom Field without validation or warnings. After deleting the field, you are still able to see the Custom Field ID in the permission scheme, although it can...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/11/02 3:23 a.m.23 views

You are able to delete a Custom Field that is referenced in Permission settings.

If you add a User Custom Field as a permission in a permission scheme or issue level security scheme, you are then able to delete the Custom Field without validation or warnings. After deleting the field, you are still able to see the Custom Field ID in the permission scheme, although it can...

1AI score
Exploits0
Atlassian
Atlassian
added 2007/10/25 9:58 a.m.23 views

"Forgot password" function allows easy misuse

The "Forgot password" function invents a new password and sends it by email. This invites to misuse as guessing the userid already allows to annoy or even lock-out the legitimate account owner. The user may currently not have access to his email account or the mail could be killed by a spam filte...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/12 10:49 p.m.23 views

Security Issue: XSS in wiki exception error page

The confluence wiki does contain a XSS possibility in the exception error page. The user input string is NOT output encoded at following lines: a - - Query String: url=alertdocument.cookie b - javax.servlet.forward.querystring : url=alertdocument.cookie c - atlassian.core.seraph.original.url :...

6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/09 3:24 p.m.23 views

user value of JiraAuthenticationContext not set is SOAP service getIssue()

Call to JiraAuthenticationContext.setUser missing during getIssue SOAP service call. Service call will fail silently if there are custom fields with explicit secutity checking for attributes derived from current user. In my case I try to verify existance of an issue using getIssue SOAP service...

1.6AI score
Exploits0
Atlassian
Atlassian
added 2007/09/06 6:57 p.m.23 views

Option to disable "secure" cookie when using HTTPS just for login page

Confluence's "remember me" tickbox doesn't work if the login page is secure, but the rest of the application is unsecured. Seraph's CookieUtils.setCookie method create a secure cookie ref|http://www.apps.ietf.org/rfc/rfc2965.htmlpage-7 if the request had a secure URL, and this cookie isn't sent b...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/08/31 4:13 a.m.23 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/07/30 6:32 p.m.23 views

"Current Assignee" on Browse Permission problem

I have created a permission scheme in Jira but I am experiencing an odd behaviour. I have 5 users in Jira and in the permission scheme, the Browse Projects is assigned to: - Project Lead - Project Role Administrators - Project Role Clients Among the 5 users, 3 fit these categories. One is a proje...

2.6AI score
Exploits0
Atlassian
Atlassian
added 2007/07/24 7:51 a.m.23 views

Reflected XSS Vulnerability in the Feed Builder

---- Input in the Feed Builder is not properly handled. Insert: code "alert'Gotcha!' code as the feed name title and you get url like this:...

0.5AI score
Exploits0
Atlassian
Atlassian
added 2007/07/23 11:49 a.m.23 views

Vulnerability against DoS attack at permission setting

Description: This bug is similar like this one: http://jira.atlassian.com/browse/CONF-8978. Exploit: Insert to the "Grant permission to" field x thousand comma without sapce...

0.2AI score
Exploits0
Atlassian
Atlassian
added 2007/07/19 8:51 a.m.23 views

People Directory search can be misused to retrieve email addresses of all users

Even when email addresses should be hidden because of global settings, it is possible to retrieve email addresses of all the users in the system by misusing search in people directory. It seems that the email address is one of the attributes that are being indexed by the search engine. So if one...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/04/26 3:14 p.m.23 views

Allow embedding multimedia content located on remote servers

Re: CSP-8387 Currently, when embedding multimedia content on Confluence you are restricted to embedding files located on the Confluence server. The page http://confluence.atlassian.com/display/CONF20/Embedding+Multimedia+Content singles out "security reasons" as the reason for this limitation. In...

2.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/03/07 9:2 p.m.23 views

Project Role Modifications not reflected in Issue Security Scheme

If you modify users/groups in a project's project role and this project uses an issue security scheme, you must remove the role and re-add it to the issue security scheme for the role changes to take effect. Steps to Reproduce: 1. Need to be the admin of a project whose issue creation screen has...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2006/11/29 8:6 a.m.23 views

Directory listing enabled on Tomcat

Tomcat has directory listing enabled by default. This allows browsing directories such as /images/. It seems that the filters do not take action in preventing the unauthorized access. When directory listing is disabled /conf/web.xml in Tomcat directory Jira gives 404 errors. See...

3.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2006/11/29 8:6 a.m.23 views

Directory listing enabled on Tomcat

Tomcat has directory listing enabled by default. This allows browsing directories such as /images/. It seems that the filters do not take action in preventing the unauthorized access. When directory listing is disabled /conf/web.xml in Tomcat directory Jira gives 404 errors. See...

3.8AI score
Exploits0
Atlassian
Atlassian
added 2005/09/14 4:22 a.m.23 views

A user cannot set the security level to none if the default security level is set

Selecting 'none' always creates an issue with the default security level...

1AI score
Exploits0
Atlassian
Atlassian
added 2005/05/04 4:22 a.m.23 views

LDAP authentication falls back to database check when password is incorrect

If a user is present in LDAP, but the entered password is incorrect, JIRA ought to immediately fail to authenticate them. Instead in 3.2-beta it delegates to the database, and checks the password there...

1.8AI score
Exploits0
Atlassian
Atlassian
added 2002/08/26 1:28 a.m.23 views

Have JIRA delete cookie when user authentication fails

I would like to suggest that if JIRA loads the user details id and password from a cookie and attempts to authenticate and fails then JIRA should delete the cookie. The logic behind this is: We are using LDAP for authentication to Novell's NDS and if a user gets JIRA to remember their id and...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2002/07/09 10:11 p.m.23 views

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

2.4AI score
Exploits0
Atlassian
Atlassian
added 2002/07/09 10:11 p.m.23 views

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.22 views

DOM-based XSS in Jira Software Data Center

This High severity DOM-based XSS vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This DOM-based XSS vulnerability, with a CVSS Score of 8 and a CVSS Vector of...

8CVSS6.8AI score0.0077EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.22 views

DOM-based XSS in Jira Service Management Data Center

This High severity DOM-based XSS vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DOM-based XSS vulnerability, with a CVSS Score of 8 and a CVSS Vector of...

8CVSS6.8AI score0.0077EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.22 views

File Inclusion in Jira Software Data Center

This High severity File Inclusion vulnerability was introduced in versions 9.15.2, 9.16.1, 9.17.1, 10.0.1, 10.1.1, 10.2.1, 10.3.0, 10.4.1, 10.5.1, 10.6.0, 10.7.1, 11.0.1, 11.1.1, 11.2.0, and 11.3.0 of Jira Software Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.2 and a CVS...

8.6CVSS6.7AI score0.00408EPSS
Exploits2
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.22 views

DoS (Denial of Service) in Jira Software Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of...

7.5CVSS6.3AI score0.0043EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/20 2:22 a.m.22 views

DoS (Denial of Service) net.minidev:json-smart Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.3.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticat...

7.5CVSS6.6AI score0.01119EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/17 1:47 a.m.22 views

DoS (Denial of Service) brace-expansion Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticate...

9.2CVSS6.5AI score0.00481EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/16 6:22 p.m.22 views

RCE (Remote Code Execution) org.yaml:snakeyaml Dependency in Confluence Data Center

This Confluence release includes updates to our org.yaml:snakeyaml dependency in response to CVE-2022-1471. Our security team has assessed that the current scope of this CVE does not present the same critical risk in our products, as our use of the dependency doesn’t support the known path for...

9.8CVSS6.5AI score0.99615EPSS
Exploits7
Atlassian
Atlassian
added 2026/04/14 10:29 p.m.22 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of...

8.7CVSS5.8AI score0.01125EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/09 10:29 p.m.22 views

Improper Authorization commons-beanutils:commons-beanutils Dependency in Jira Software Data Center

This High severity Improper Authorization vulnerability was introduced in versions 9.12.1, 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, and 10.7.1 of Jira Software Data Center. This Improper Authorization vulnerability, with a CVSS Score of 8.8 and a CVSS Vector...

8.8CVSS6.2AI score0.01548EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/08 10:29 p.m.22 views

RCE (Remote Code Execution) org.yaml:snakeyaml Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity RCE Remote Code Execution vulnerability was introduced in versions 11.3.3 of Jira Service Management Data...

9.8CVSS7.5AI score0.99615EPSS
Exploits7
Atlassian
Atlassian
added 2026/04/08 4:29 a.m.22 views

DoS (Denial of Service) com.squareup.okio:okio Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.15.0, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 11.0.1, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score ...

7.5CVSS6.7AI score0.01077EPSS
Exploits1
Total number of security vulnerabilities4295