Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
•added 2012/08/04 9:29 a.m.•22 views

Add an option in User Directory settings to make an SSL LDAP connection but without verifying that the hostname and certificate match

Starting JIRA 5.1, the embedded crowd has been upgraded from version 2.3.2 to 2.4. This includes the security fix CWD-2690 won't be visible to public that has been announced in Crowd 2.3.6 release notes - Crowd 2.3.6 Release...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/08/03 3:24 a.m.•22 views

XSS (reflected) in fieldsKeys parameter of GHCreateNewIssue.jspa

Targets: https://test01.jira-dev.com/secure/GHCreateNewIssue.jspa?key=&issueType=7&fieldsKeys=priority,customfield10006,summary,fixVersions,components,customfield10005,assignee,customfield10004,reporter,customfield100039fd29alert'XSS'15d31825f8e9d6606&fieldsValues=1@%@...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/08/03 3:24 a.m.•22 views

XSS (reflected) in fieldsKeys parameter of GHCreateNewIssue.jspa

Targets: https://test01.jira-dev.com/secure/GHCreateNewIssue.jspa?key=&issueType=7&fieldsKeys=priority,customfield10006,summary,fixVersions,components,customfield10005,assignee,customfield10004,reporter,customfield100039fd29alert'XSS'15d31825f8e9d6606&fieldsValues=1@%@...

2.8AI score
Exploits0
Atlassian
Atlassian
•added 2012/07/27 1:56 a.m.•22 views

Potential remote code execution due to embedding of old django-piston

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46819. panel The exposed atlassian api for forummodules found under forummodules/atlassian/api uses an outdated version of...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/06/11 8:19 a.m.•22 views

Password Reset doesn't recognise spaces in usernames

When I enter my new password and submit the page, it responds with a message about the username 'philip', but my username is 'philip widan'. There was a similar issue with the Bonfire plugin, which required an upgrade to JIRA v5 to resolve. The URL I clicked on to get to the password reset page...

7.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/05/21 7:54 a.m.•22 views

persistent xss through flash swf file attachment download

It is possible to upload a flash swf file which when the attachment 'download' url is visited the flash swf file is executed in the browser and as such can use ExternalInterface.call method to inject javascript defined in the swf file into the browser...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/04/19 1:17 a.m.•22 views

admin/osuser2atluser.jsp lacks an XSRF token to perform user transfer operations

e.g. http://localhost:8090/admin/osuser2atluser.jsp?migrate=start&transferGroupMembership=true and http://localhost:8090/admin/osuser2atluser.jsp?migrate=start When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/04/19 1:17 a.m.•22 views

admin/osuser2atluser.jsp lacks an XSRF token to perform user transfer operations

e.g. http://localhost:8090/admin/osuser2atluser.jsp?migrate=start&transferGroupMembership=true and http://localhost:8090/admin/osuser2atluser.jsp?migrate=start When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/04/19 1:14 a.m.•22 views

admin/fixCaseInSpacePermissions.jsp lacks an XSRF token to 'fix the case of your space permissions'

admin/fixCaseInSpacePermissions.jsp does not require a csrf token to 'fix the case of your space permissions'. When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF infrastructure in JSPs...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2012/04/13 10:5 p.m.•22 views

Confluence does not respect HTTPS in Server Base URL when 301 redirecting

We have Confluence setup behind an Apache reverse proxy and our Server Base URL is set to "https://confluence...". However, when Confluence sends out a 301, it always sends the Location: http://confluence..., which then gets redirected by Apache to https://confluence... Confluence should respect...

0.4AI score
Exploits0
Atlassian
Atlassian
•added 2012/03/05 10:35 a.m.•22 views

Direct access to issue via url discloses structure without authentication

If an issue is accessed via the direct url an error message discloses if the issue is existent or not - even when the use isn't logged-in. In contrast, an existing issue redirects to the login form. This knowledge may open an attack vector on private Jira instances that require authentication...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/12/01 1:7 p.m.•22 views

Activity Streams shows restricted content from Confluence

To reproduce: Create a test user Configure the user to only belong to the 'users' group Remove 'users' group from Confluence global permission, hence, 'users' group won't be able to use Confluence In the activity streams gadget in default JIRA dashboard, test user can still see Confluence...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/10/28 6:22 p.m.•22 views

Cross Site Request Forgery - Deleting User's Dashboards

Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that the application is succeptible to Cross-Site Request Forgery attacks within this URL:...

Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/09/29 7:31 p.m.•22 views

Visual clues to native vs. ldap users and groups

In a mixed environment with Confluence and LDAP users and groups, it would be helpful when administering users and groups to see if they belong in LDAP or Confluence. Perhaps different color icons...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/09/05 3:18 p.m.•22 views

Inline attachment downloads vulnerable to XSS by setting tweaked HTML content type

Please see CONFDEV-9069 https://jira.atlassian.com/browse/CONFDEV-9069 for the current issue addressed at fixing attachment XSS vulnerabilities. --- TLDR: white-list mime-types which can be served "inline" and don't let the user set arbitrary mime-types. I have been having a good laugh sorry...

6.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/08/18 1:40 a.m.•22 views

JIRA FishEye plugin not working - Error handling trusted applications authentication attempt: BAD_SIGNATURE

This bug effects you if: you are running JIRA 4.4+ and FishEye 2.6.0-2.6.3 you have Trusted Applications authenticating the link between your JIRA and FishEye servers If you attempt to configure or use the JIRA FishEye plugin, you may see errors in the UI and log messages like this in JIRA:...

Exploits0
Atlassian
Atlassian
•added 2011/08/09 7:49 a.m.•22 views

Members of confluence-administrators group can browse to restricted pages

Expected behaviour is that a Confluence admin can view a page restricted to others by hitting the URL directly to help resolve any permission issues. In 3.5.x the admins can also browse to these pages via Browse Pages...

3.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/07/27 11:58 p.m.•22 views

Password History Count does not work for ATLASSIAN-SECURITY directories

Testing this locally on Crowd 227, I set the password history count to 1, then tried resetting my password through the interface and through 'Forgot Password' e-mail link, but was able to consistent use old passwords. I also expired the password, forcing a password change, but that also let me...

0.2AI score
Exploits0
Atlassian
Atlassian
•added 2011/07/22 4:46 a.m.•22 views

Enable X-FRAME-Options header to implement clickjacking protection

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-25143. panel TLDR: Add X-FRAME-Options: SAMEORIGIN to all HTTPS pages server config, and test that nothing breaks. --- Description: Current...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/06/14 5:27 a.m.•22 views

Admin JSPs don't have XSRF protection

As well as a number of XSS bugs which were recently fixed in CONF-22568, the JSPs contained in Confluence don't support the same XSRF protection which our actions use. We should convert this functionality over to actions and only use JSPs to deliver patches to customers, not for proper...

2.4AI score
Exploits0
Atlassian
Atlassian
•added 2011/06/10 5:28 p.m.•22 views

Make captcha harder, or allow configuration of captcha difficulty, in order to prevent sophisticated spam attacks

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-22700. panel Every day we get a load of automated anonymous comment spam on our confluence pages. It seems that the captcha is t...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/06/07 12:52 a.m.•22 views

XSS Vulnerability in Issue Links and Labels

We have identified and fixed a number of cross-site scripting XSS vulnerabilities in JIRA issue links and labels. Affected versions are 4.2.x to 4.3.x XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a JIRA page. You can read more about XSS attacks at various...

Exploits0
Atlassian
Atlassian
•added 2011/05/06 8:26 p.m.•22 views

When configured for Internal Database with LDAP for Authentication Only, Confluence does not check the LDAP when authenticating users

Configured Confluence to keep and manage users in its internal database, but to first try to use LDAP for authentication only, via the new interface. Debug output suggests Confluence is not bothering to check the LDAP at any point during the authentication process. More detail is available here:...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/03/23 5:32 a.m.•22 views

Searching within restricted pages/spaces

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-22074. panel This is the issue reference:...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/03/23 5:32 a.m.•22 views

Searching within restricted pages/spaces

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-22074. panel This is the issue reference:...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/03/14 5:44 a.m.•22 views

XSRF token broken when you edit an Issue Type Scheme

If you click the Edit link beside the currently selected Issue Type Scheme on a Project Summary page and then click Save on the next screen you get an XSRF token missing error...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/02/15 12:5 p.m.•22 views

Ability to perform a bulk random password reset for users per project

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-23703. panel Would like to have the ability to perform a bulk password reset on user accounts for any particular JIRA project. Have recently...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/02/09 1:53 p.m.•22 views

User Enumeration

Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that at least two vulnerabilities regarding User Enumeration were found within the software. Case 1: Logged In Whenever a logged user accesses the Url...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/12/05 10:25 p.m.•22 views

Basic auth authentication does not allow files to be attached in 4.2

From the customer support case quote When using osauthType=basic to login to JIRA 4.2 a user is able to upload an attachment as a temporary file, but is unable to attach the temporary file to the issue. We noticed the exact same behavior ... had worked with JIRA 4.1.2. quote The Atlassian support...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/12/03 3:17 a.m.•22 views

XSS vulnerability in Recently Updated macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence recently-updated macro. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at various places on the web, including these...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/12/03 3:17 a.m.•22 views

XSS vulnerability in Recently Updated macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence recently-updated macro. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at various places on the web, including these...

0.1AI score
Exploits0
Atlassian
Atlassian
•added 2010/10/10 8:4 p.m.•22 views

Google Chrome shows mixed content warning

Hello, when JIRA is requested via https with Google Chrome 6.0.472.63 on all URLs of JIRA https is in red, crossed out and a padlock with red cross is shown with this description: "Your connection is encrypted with 128-bit encryption. However, this page includes other resources which are not...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/09/27 5:20 p.m.•22 views

Non-secure content warning in IE8 on the Dashboards screen caused by the wiki renderer

Wiki renderer-generated contents e.g. in the activity stream include references to icons with http prefix that cause IE8 to generate security warnings for JIRA instances accessible via HTTPS. To reproduce it, have contents in the activity stream gadget contain icons included by the wiki renderer,...

1.1AI score
Exploits0
Atlassian
Atlassian
•added 2010/09/03 7:23 a.m.•22 views

XSS vulnerability in Confluence Space Names

We have identified and fixed a cross-site scripting XSS vulnerability in Confluence Space Names. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An attacker's te...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/09/03 3:14 a.m.•22 views

Allow anonymous/public access at page level

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-20737. panel Although a space might be restricted to some groups/users, it is sometimes required to allow public/anonymous acce...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/08/25 1:48 a.m.•22 views

Confluence should not allow configuration of Office Connector temporary storage location

Earlier versions of Confluence allow the administrator to set the temporary storage location for the View File macro, part of the Office Connector. Provided an attacker has gained administrative access to the system in some way, they could then exploit this vulnerability to save malicious files...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/08/25 1:39 a.m.•22 views

Path traversal vulnerability in various Confluence actions

We have identified and fixed a path traversal vulnerability in various Confluence actions. By exploiting a path traversal vulnerability, attackers can retrieve any file on the server that is running Confluence, based on the permissions of the user under which Confluence is running. Path traversal...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/08/04 10:49 a.m.•22 views

Display Last-Login-Date for the User

Dear Atlassian! I don't know whether a ticket like this already exits or was solved, but I couln't find any. We would like to have displayed for any user after he logged in the time when he logged in before. This helps to find out whether someone else got hold of username&password and uses the...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/07/28 4:42 p.m.•22 views

NullPointerException when there are no cookies and AccessLogRequestInfo is enabled

When using the filter-list and project-list plugins I ran into an issue where NullPointerExceptions were being thrown. I turned out the issue is in AccessLogRequestInfo when the Cookie header doesn't exists. The line that causes the exception is a log.debug line. I am including a patch that check...

1.2AI score
Exploits0
Atlassian
Atlassian
•added 2010/06/21 3:46 a.m.•22 views

XSS vulnerability in Contributors macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence \contributors macro. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/05/26 3:3 a.m.•22 views

XSS in mailpage plugin

XSS vulnerability has been reported against the mailpage plugin. It allows an attacker to execute arbitrary javascript. A new version of the issue has been released that fixes this problem...

4.8AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/22 4:38 a.m.•22 views

SOAP and XML-RPC APIs return too much information

The SOAP and XML-RPC APIs return more information than is needed. This issue corrects that problem. This issue is rated HIGH. Please see http://confluence.atlassian.com/x/ZILmD for more security related issues and information on how we rate our issues...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 4:27 a.m.•22 views

Path for daily backup is configurable through WEB UI

It is possible to set the daily backup path and partial name through the web UI. This could mean that information can be obtained by a rouge admin. This issue addresses that by introducing a flag so concerned administrators can remove this feature. This flag is set to false by default meaning it ...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 4:27 a.m.•22 views

Path for daily backup is configurable through WEB UI

It is possible to set the daily backup path and partial name through the web UI. This could mean that information can be obtained by a rouge admin. This issue addresses that by introducing a flag so concerned administrators can remove this feature. This flag is set to false by default meaning it ...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 4:0 a.m.•22 views

The list of Confluence administrators is accessible via a URL

Confluence exposes a list of the administrators. This issue corrects this by removing the list and providing the user with a form that can be used to send e-mail to all the relevant administrators on the user's behalf...

4.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 12:59 a.m.•22 views

Possible XSS injection in attachment upload

A XSS vulnerability has been identified in attachment upload. The severity of this issue has been rated HIGH. Please refer to the security advisory at http://confluence.atlassian.com/x/ZILmD for information on how we rate issues...

0.6AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/19 3:11 a.m.•22 views

brute force password attack protection by default

We have added an upgrade task to set jira.maximum.authentication.attempts.allowed=5 on all instances even if they previous had set it to something else. This is to ensure that systems are more safe by default...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 5:6 a.m.•22 views

screenshot-redirecter.jsp XSS attach via the afterURL parameter

The screenshot-redirector.jsp does note escape the 'afterURL' URL parameter correctly, leading to an XSS attack vector...

3.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 5:6 a.m.•22 views

screenshot-redirecter.jsp XSS attach via the afterURL parameter

The screenshot-redirector.jsp does note escape the 'afterURL' URL parameter correctly, leading to an XSS attack vector...

3.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 4:29 a.m.•22 views

Announcement Preview banner is a vector for an XSS attack

The announcement preview banner is currently displayed via the global decorator. It can be used for an XSS attack on virtually every page, via the announcementpreviewbannerst URL parameter. We should display the preview only locally in the admin section...

2.7AI score
Exploits0
Total number of security vulnerabilities4295