Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
•added 2010/06/21 3:46 a.m.•22 views

XSS vulnerability in Contributors macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence \contributors macro. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/05/26 3:3 a.m.•22 views

XSS in mailpage plugin

XSS vulnerability has been reported against the mailpage plugin. It allows an attacker to execute arbitrary javascript. A new version of the issue has been released that fixes this problem...

4.8AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/22 4:27 a.m.•22 views

Path for daily backup is configurable through WEB UI

It is possible to set the daily backup path and partial name through the web UI. This could mean that information can be obtained by a rouge admin. This issue addresses that by introducing a flag so concerned administrators can remove this feature. This flag is set to false by default meaning it ...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 12:59 a.m.•22 views

Possible XSS injection in attachment upload

A XSS vulnerability has been identified in attachment upload. The severity of this issue has been rated HIGH. Please refer to the security advisory at http://confluence.atlassian.com/x/ZILmD for information on how we rate issues...

0.6AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/19 3:11 a.m.•22 views

brute force password attack protection by default

We have added an upgrade task to set jira.maximum.authentication.attempts.allowed=5 on all instances even if they previous had set it to something else. This is to ensure that systems are more safe by default...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 5:6 a.m.•22 views

screenshot-redirecter.jsp XSS attach via the afterURL parameter

The screenshot-redirector.jsp does note escape the 'afterURL' URL parameter correctly, leading to an XSS attack vector...

3.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 5:6 a.m.•22 views

screenshot-redirecter.jsp XSS attach via the afterURL parameter

The screenshot-redirector.jsp does note escape the 'afterURL' URL parameter correctly, leading to an XSS attack vector...

3.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 4:29 a.m.•22 views

Announcement Preview banner is a vector for an XSS attack

The announcement preview banner is currently displayed via the global decorator. It can be used for an XSS attack on virtually every page, via the announcementpreviewbannerst URL parameter. We should display the preview only locally in the admin section...

2.7AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/13 5:50 a.m.•22 views

Privilege escalation vulnerability when administrator access is compromised

panel:borderColor=ff0000|borderStyle=solid|bgColor=ffccccNote: This issue is superceded by JRA-21004. Please install the patches on that issue, rather than this one. For more details, see JIRA Security Advisory -...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/09/24 7:28 a.m.•22 views

XSS in header for Personal Spaces

Create a user with username "alert'hahahaha' User creates a personal space Try to add a page to the personal space This is caused by code code However since the personal space doesn't work too well with usernames with crazy letters, I don't think its a Blocker...

2.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/09/02 3:54 p.m.•22 views

"User Custom Field Value" permission type incorrectly exposes JIRA project names to everyone

Problem: Project names are shown to users with no permission to see the project. Impact: Security hole! Recipe: it helps to have two browsers open one logged in as admin the other as the user I will create called dummy Add user dummy Add project blah Add custom field myuser of type user picker,...

6.8AI score
Exploits0
Atlassian
Atlassian
•added 2009/08/12 6:33 p.m.•22 views

Uploading large fonts for PDF export fails with XSRF error

When uploading souizhs.ttf font that we use due to its comprehensive UTF8 support, I'm getting XSRF validation error: quote Your request could not be processed because a required security token was not present in the request. You may need to re-submit the form or reload the page. quote I tried...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/07/28 5:51 a.m.•22 views

Allow issue security level to use any custom field that implements UserCFNotificationTypeAware

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-18099. panel It would be useful to be able to set the security level on an issue to include everyone who participated on an issue so if you...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/06/18 7:0 a.m.•22 views

XSS vulnerability can be exploited on the WebDAV Configuration page

Steps: Go to WebDAV Configuration Enter 'alert"XSS"' Click on 'Add new regex' button The script will be executed. It will continue to be executed whenever a user clicks on the 'Save' button. This can be done by users in the confluence-admin group, so it could be used by them to gain access to...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/05/29 4:14 a.m.•22 views

XSS in user links

A user with username "alert"foo" that is linked to via \username markup results in script being executed. Curiously, viewing the space homepage of that user results in a blank page. This of course is prevented for public signup, but if the user gets created via other means, i.e. external user...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/05/26 1:29 a.m.•22 views

XSS in concurrent edit notification

If a page is being editted by noformat alert'hacked' noformat and another user edits it at the same time, they are vulnerable to a potential XSS attack...

2.1AI score
Exploits0
Atlassian
Atlassian
•added 2009/04/24 5:21 p.m.•22 views

Shared Filter properties exposed without authentication

Some URLs are not protected by authentication which could expose some properties in JIRA that users may not wish to reveal. Example 1: Searching filters http://support.atlassian.com/secure/ManageFilters.jspa?filterView=search Example 2: Viewing properties of filters. I can see custom fields, sear...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/04/21 1:28 a.m.•22 views

Import Pages is not restricted to system admins

The Import pages actions is currently restricted to space admins not system admins like it should. Caused by CONF-10039...

2.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/04/10 4:45 a.m.•22 views

Partial space admin permission/authority

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-15172. panel I followed these guidelines, but this is not fine grained enough...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/03/19 4:38 p.m.•22 views

Bright Cove User Macro-Cross-site script

Our e-security found the following error after they scanned the Bright Cove User Macro: Number System/Location Defect Type Status R4 Bright Cove User Macro Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies,...

7.2AI score
Exploits0
Atlassian
Atlassian
•added 2009/03/19 4:23 p.m.•22 views

Reporting Plugin- Cross-site scripting error

Our e-security found the following error for the Reporting plugin: Number System/Location Defect Type Status R2 Reporting Plugin Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies, which may be used to...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/03/19 4:23 p.m.•22 views

Reporting Plugin- Cross-site scripting error

Our e-security found the following error for the Reporting plugin: Number System/Location Defect Type Status R2 Reporting Plugin Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies, which may be used to...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/03/12 7:47 a.m.•22 views

JIRA build information not included in dummy XML responses to search filter requests which users do not have access to

The build-info element is missing from the response to search filter XML requests. noformat https://support.atlassian.com/sr/jira.issueviews:searchrequest-xml/10593/SearchRequest-10593.xml?tempMax=100 noformat Happens if the user does not have access to the filter. See also...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/02/12 1:0 a.m.•22 views

Password is being logged for 500 errors

The user passwords are being exposed in the log files when a 500 error happens. The following Jira solved the problem for the information displayed in the user Browser: http://jira.atlassian.com/browse/CONF-12360...

0.7AI score
Exploits0
Atlassian
Atlassian
•added 2009/01/05 1:54 p.m.•22 views

Assignment of JSESSIONIDs

I believe it should be a feature in future versions of Confluence to assign a different JSESSIONID to the user's session once they have authenticated and logged in to the site. This is to differentiate between a user's session before they have logged in and after they have authenticated and have ...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/10/27 5:18 a.m.•22 views

Confluence administrators (who are not necessarily sys admins) can configure whitelist

A user who has the "Confluence Administrator" permission, but not necessarily the "System Administrator" permission, can configure the new URL whitelist for the HTML-include and RSS macros. Is this good enough, from a security point of view?...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/10/01 10:56 p.m.•22 views

Restrict access to page history to certain users (or groups)

A customer requested for a new feature to restrict access to page history only to a particular group or certain users...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/09/15 4:42 p.m.•22 views

XSS in pagetree plugin

The pagetree plugin is vulnerable for XSS injecting the code in the treeId field. Example below:...

6.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/06/04 1:58 a.m.•22 views

SSO credentials not used in IssueViewURLHandler

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-15048. panel A customer has created a SSO plugin and are facing some specific issues in this context. When they click on the printable link o...

7.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/04/08 9:34 a.m.•22 views

It's possible to browse project names when using Issue Security Scheme.

A customer user is set up and only allowed to see "External" issues. - The user is added as project role "Customers" in project "X". - The project got Issue Security Scheme "Customers". Internal / External When logging in as the customer user, you can only see the External issues within this...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/03/18 4:38 a.m.•22 views

XSS vulnerability in social bookmarking plugin bundled in Confluence

The social bookmarking plugin is bundled in Confluence 2.7.x and Confluence 2.6.x. As such this vulnerability affects all 2.7.x and 2.6.x instances even if you do not use the plugin or do not have the Add Bookmark Web Item enabled. The updatebookmark.action URL is vulnerable on these parameters: ...

1.8AI score
Exploits0
Atlassian
Atlassian
•added 2008/03/17 7:12 a.m.•22 views

XSS vulnerabilities in insert image and link actions

In 2.7.x, the following URL's are vulnerable: - /users/insertlink.action - /users/insertlink-page-attachmentstab.action - /users/insertlink-page-uploadfile.action - /users/insertlink-draft-attachmentstab.action - /users/insertlink-draft-uploadfile.action - /users/doinsertimageinpage.action -...

4.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/03/17 7:12 a.m.•22 views

XSS vulnerabilities in insert image and link actions

In 2.7.x, the following URL's are vulnerable: - /users/insertlink.action - /users/insertlink-page-attachmentstab.action - /users/insertlink-page-uploadfile.action - /users/insertlink-draft-attachmentstab.action - /users/insertlink-draft-uploadfile.action - /users/doinsertimageinpage.action -...

4.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/03/10 4:58 a.m.•22 views

XSS vulnerability in signup actions

Vulnerable URL's: - signup.action - dosignup.action on username, email, password, confirm, fullname...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/03/10 4:44 a.m.•22 views

viewuser.action has an XSS problem around username

Steps to reproduce: create a user with username: foo"alert'hello';span class="ff you should get an alert when you are redirected to viewuser.action to view the user you just created...

1.7AI score
Exploits0
Atlassian
Atlassian
•added 2008/02/08 2:18 p.m.•22 views

Seperate label permissions from edit issue permission

In 3.11 the labels plugin changed so that manipulating labels required the "Edit Issue" permission. This drastically impacted our organizations workflow, as we'd just introduced labels in our previous upgrade, and we don't give "edit issues" to all users, but we do want all authenticated users to...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/01/23 2:4 p.m.•22 views

Different IE browser windows have different sessions and different session timeout timing

One of our user reported the following: ---- I discovered the reason why JIRA sometimes closes my IE session, it depends on the way you login: 1 When you login via navigation to your home page http://support/jira/secure/Dashboard.jspa all is ok, multiple JIRA sessions never expire. 2 When you log...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/10/17 12:34 a.m.•22 views

Move velocity templates and other web resources into WEB-INF in the Confluence webapp

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-9730. panel It presents a small information leak, and is just tidier if we put all the internal stuff into WEB-INF...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/09/13 8:15 a.m.•22 views

XSS Bug in printable link display

A Cross sites scripting vulnerability exists in macro used to render the 'printable' link. Here is an exploit for the vulnerability that works https://servername/wiki/display/a/2007/09/%22%3E%3Cscript%3Ealert'Watchfire%20XSS%20Test%20Successful'%3C/script%3E Bug was found using APPScan...

6.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/08/10 11:43 p.m.•22 views

It is possible to see components without logging in

It is possible to see project's components without logging in by just guessing urls, e.g. jira-installation/browse/KEY/component/10881. This will show all the information written on component issues are not shown. This should be restricted so that it is impossible to see any project information...

2.4AI score
Exploits0
Atlassian
Atlassian
•added 2007/07/24 7:51 a.m.•22 views

Reflected XSS Vulnerability in the Feed Builder

---- Input in the Feed Builder is not properly handled. Insert: code "alert'Gotcha!' code as the feed name title and you get url like this:...

0.5AI score
Exploits0
Atlassian
Atlassian
•added 2007/07/23 11:49 a.m.•22 views

Vulnerability against DoS attack at permission setting

Description: This bug is similar like this one: http://jira.atlassian.com/browse/CONF-8978. Exploit: Insert to the "Grant permission to" field x thousand comma without sapce...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/07/19 12:56 p.m.•22 views

XSS vulnerability in app/pages/listpages-alphaview.action

Description: XSS via the "startsWith" field in pages/listpages-alphaview.action. Exploit: noformathttp://app/pages/listpages-alphaview.action?key=&startsWith=xss:alertdocument.cookienoformat...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/05/18 6:7 p.m.•22 views

Assign Groups to Project Role screen allows entry of users as groups

When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...

2.5AI score
Exploits0
Atlassian
Atlassian
•added 2006/11/29 8:6 a.m.•22 views

Directory listing enabled on Tomcat

Tomcat has directory listing enabled by default. This allows browsing directories such as /images/. It seems that the filters do not take action in preventing the unauthorized access. When directory listing is disabled /conf/web.xml in Tomcat directory Jira gives 404 errors. See...

3.8AI score
Exploits0
Atlassian
Atlassian
•added 2006/11/29 8:6 a.m.•22 views

Directory listing enabled on Tomcat

Tomcat has directory listing enabled by default. This allows browsing directories such as /images/. It seems that the filters do not take action in preventing the unauthorized access. When directory listing is disabled /conf/web.xml in Tomcat directory Jira gives 404 errors. See...

3.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2005/09/14 4:22 a.m.•22 views

A user cannot set the security level to none if the default security level is set

Selecting 'none' always creates an issue with the default security level...

1AI score
Exploits0
Atlassian
Atlassian
•added 2005/05/04 4:22 a.m.•22 views

LDAP authentication falls back to database check when password is incorrect

If a user is present in LDAP, but the entered password is incorrect, JIRA ought to immediately fail to authenticate them. Instead in 3.2-beta it delegates to the database, and checks the password there...

1.8AI score
Exploits0
Atlassian
Atlassian
•added 2004/11/08 2:58 p.m.•22 views

A page containing the rss-macro is not displayed if the requested rss-feed is "down"

A page containing the rss-feed macro is not shown if the requested rss-feed is "down" there's no response sent to the browser. It would certainly be better if the page could be displayed anyway; perhaps with a message stating that the feed contents can't be fetched...

0.7AI score
Exploits0
Atlassian
Atlassian
•added 2004/08/25 6:33 a.m.•22 views

Enhance Seraph SSO support to create users automatically

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-4299. panel Users of SSO systems generally also have some sort of external user management. As a simple first step, JIRA's SSO authenticator...

2AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295