Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2002/04/09 2:39 p.m.22 views

Asked to re-authenticate to delete issue

/jira/secure/DeleteIssue!default.jspa?id=10012 everything seems to work ok, but I try to delete previously existing issue and I get redirected to the URL above. instead of a delete issue page, I get a login page, only it looks messed up - it's the login form table miniwindow except spread 100%...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2026/05/11 11:32 p.m.21 views

RCE (Remote Code Execution) at com.fasterxml.jackson.core:jackson-core dependency in Crucible Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 4.9.0 of Crucible Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an unauthenticated...

8.7CVSS6.1AI score0.00634EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.21 views

File Inclusion in Jira Service Management Data Center

This High severity File Inclusion vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.4, 11.0.0, 11.1.0, 11.2.1, and 11.3.0 of Jira Service Management Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.2...

8.6CVSS6.7AI score0.00408EPSS
Exploits2
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.21 views

File Inclusion in Jira Service Management Data Center

This High severity File Inclusion vulnerability was introduced in version 11.3.3 of Jira Service Management Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N allows an unauthenticated...

8.2CVSS6.8AI score0.00253EPSS
Exploits4
Atlassian
Atlassian
added 2026/05/05 4:29 p.m.21 views

DoS (Denial of Service) in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.1, 10.6.0, 10.7.2, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 a...

7.5CVSS6.9AI score0.02591EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/05 4:29 p.m.21 views

DoS (Denial of Service) in Jira Software Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.1, 10.5.0, 10.6.0, 10.7.2, 11.0.1, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS...

7.5CVSS6.9AI score0.02591EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/16 9:26 p.m.21 views

DoS (Denial of Service) net.minidev:json-smart Dependency in Jira Software Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.12.1, 10.3.0, and 11.3.0 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated...

7.5CVSS5.8AI score0.01119EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/16 1:22 p.m.21 views

MITM (Man-in-the-Middle) com.squareup.okhttp3:okhttp Dependency in Jira Service Management Data Center and Server

This High severity MITM Man-in-the-Middle vulnerability was introduced in version 10.3.0 of Jira Service Management Data Center and Server. This vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:Ncode allows an unauthenticated attack...

7.5CVSS6.9AI score0.00877EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/14 4:29 a.m.21 views

RCE (Remote Code Execution) at c3p0 dependency in Crucible Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 4.9.0 of Crucible Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of code:java CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H code allows an...

8.9CVSS6.3AI score0.00534EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/10 10:29 p.m.21 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of...

8.7CVSS5.8AI score0.01125EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/08 4:29 a.m.21 views

DoS (Denial of Service) com.squareup.okio:okio Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.15.0, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 11.0.1, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score ...

7.5CVSS6.7AI score0.01077EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/08 4:29 a.m.21 views

DoS (Denial of Service) css Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.0.1, 9.2.3, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.2, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.7AI score0.01121EPSS
Exploits0
Atlassian
Atlassian
added 2026/04/08 4:29 a.m.21 views

File Inclusion node-tar Dependency in Confluence Data Center

This High severity File Inclusion vulnerability was introduced in versions 8.9.0, 9.0.1, 9.0.3, 9.1.0, 9.2.5, 9.5.1, 10.1.2, and 10.2.0 of Confluence Data Center. This File Inclusion vulnerability, with a CVSS Score of 7.1 and a CVSS Vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N allows a...

7.1CVSS5.9AI score0.00288EPSS
Exploits1
Atlassian
Atlassian
added 2026/02/04 12:27 a.m.21 views

Improper Authorization org.springframework:spring-core Dependency in Confluence Data Center and Server

This High severity Improper Authorization vulnerability known as CVE-2025-41249 was introduced in versions 7.19 of Confluence Data Center and Server. This Improper Authorization vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an...

7.5CVSS5.8AI score0.0046EPSS
Exploits0
Atlassian
Atlassian
added 2026/01/19 12:42 a.m.21 views

XSS (Cross Site Scripting) dompurify Dependency in Jira Service Management Data Center and Server

This High severity XSS Cross Site Scripting vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, and 11.1.0 of Jira Service Management Data Center and Server. This XSS Cross Site Scripting vulnerability, with a CV...

7.3CVSS6.6AI score0.00844EPSS
Exploits0
Atlassian
Atlassian
added 2026/01/08 11:27 p.m.21 views

DoS (Denial of Service) ansi-regex Dependency in Jira Software Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 9.15.2, 9.16.0, 9.17.0, 10.1.1, 10.3.13, 11.2.0 of Jira Software Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of code:java...

7.8CVSS8.1AI score0.03304EPSS
Exploits1
Atlassian
Atlassian
added 2025/12/19 7:27 p.m.21 views

DoS (Denial of Service) org.apache.commons:commons-fileupload2-core Dependency in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...

7.5CVSS7.4AI score0.64718EPSS
Exploits1
Atlassian
Atlassian
added 2025/12/18 9:27 p.m.21 views

XXE (XML External Entity Injection) org.apache.tika:tika-core Dependency in Confluence Data Center and Server

This High severity XXE XML External Entity Injection vulnerability was introduced in versions 7.7.0 of Confluence Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 8.4 and a CVSS Vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H allows an...

9.8CVSS5.6AI score0.02962EPSS
Exploits4
Atlassian
Atlassian
added 2025/12/18 7:28 a.m.21 views

XXE (XML External Entity Injection) in Confluence Data Center and Server

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity XXE XML External Entity Injection vulnerability was introduced in versions 9.2.8 and 10.2.0 of Confluence Data Center a...

9.8CVSS5.7AI score0.79807EPSS
Exploits6
Atlassian
Atlassian
added 2025/12/12 7:28 a.m.21 views

DoS (Denial of Service) com.fasterxml.jackson.core:jackson-core Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7, allows an attacker to perform actions to degrade service, which has no impact to...

8.7CVSS7AI score0.00634EPSS
Exploits0
Atlassian
Atlassian
added 2025/12/10 2:30 a.m.21 views

XXE (XML External Entity Injection) Tika Dependency Vulnerability in Crucible Server and Fisheye Server

This Crucible Server and Fisheye Server release includes updates to our Apache Tika dependency in response to CVE-2025-66516. Our security team has assessed that the current scope of this CVE does not present the same critical risk in our products, as our use of the dependency doesn’t support the...

9.8CVSS8.4AI score0.79807EPSS
Exploits5
Atlassian
Atlassian
added 2025/09/26 7:31 a.m.21 views

Path Traversal (Arbitrary Write) in Jira Software Data Center and Server

This High severity Path Traversal Arbitrary Write vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data Center and Server. This Path Traversal Arbitrary Write vulnerability, with a CVSS Score of 8.7, allows an attacker to modify any filesystem...

6.8AI score
Exploits0
Atlassian
Atlassian
added 2025/07/05 5:9 a.m.21 views

MITM (Man-in-the-Middle) org.apache.httpcomponents.client5:httpclient5 Dependency in Jira Software Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.23, 10.3.7, 10.5.1, 10.6.0, and 10.7.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS7.1AI score0.00745EPSS
Exploits0
Atlassian
Atlassian
added 2025/05/20 8:8 p.m.21 views

DoS (Denial of Service) Third-Party Dependency in Jira Software Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.2.0, 10.3.0, 10.4.0, 10.5.0, and 10.6.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS8.7AI score0.66933EPSS
Exploits5
Atlassian
Atlassian
added 2025/05/14 5:8 a.m.21 views

DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 8.19.0, 9.4.0, and 9.6.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS8.7AI score0.66933EPSS
Exploits5
Atlassian
Atlassian
added 2025/05/13 2:4 a.m.21 views

DoS (Denial of Service) io.netty:netty-handler Dependency in Jira Service Management Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 5.11.3, 5.12.0, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS...

7.5CVSS7.3AI score0.01966EPSS
Exploits1
Atlassian
Atlassian
added 2025/02/11 11:25 p.m.21 views

DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Bamboo Data Center and Server

This High severity com.google.protobuf:protobuf-java Dependency vulnerability was introduced in versions 9.5.0, 9.6.0, and 10.0.0-rc3 of Bamboo Data Center and Server. This com.google.protobuf:protobuf-java Dependency vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of...

8.7CVSS6.6AI score0.02772EPSS
Exploits1
Atlassian
Atlassian
added 2025/01/29 10:15 a.m.21 views

RCE (Remote Code Execution) org.apache.avro:avro Dependency in Bitbucket Data Center and Server

This High severity org.apache.avro:avro Dependency vulnerability was introduced in versions 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0, 8.15.0, 8.16.0, 8.17.0, 8.18.0, 8.19.0, 9.0.0, 9.1.0, and 9.2.0 of Bitbucket Data Center and Server. This org.apache.avro:avro Dependency...

9.2CVSS7.4AI score0.03278EPSS
Exploits0
Atlassian
Atlassian
added 2025/01/22 2:24 p.m.21 views

When using an Oracle DB, application properties can't be set to empty

h3. Issue Summary The jira.security.csp.sandbox.included.content.disposition application property accepts: Empty value "attachment" "inline" "attachment;inline" or "inline;attachment" If Jira is installed using an Oracle database, the empty value is never set. This happens because Oracle treats...

6.8AI score
Exploits0
Atlassian
Atlassian
added 2025/01/22 12:12 p.m.21 views

Able to attach restricted files to Jira issues from Email

h3. Issue Summary From 9.15, admins can now restrict unwanted file extensions from being uploaded through issues. However, the restriction does not work when the attachment is sent via email. The files with restricted extensions are being uploaded to Jira issues. Reference:Restrict unwanted file...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2024/11/21 10:54 p.m.21 views

org.apache.commons:commons-compress Dependency in Bamboo Data Center and Server

This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector o...

8.1CVSS6.7AI score0.00441EPSS
Exploits0
Atlassian
Atlassian
added 2023/12/12 3:19 p.m.21 views

atl_token parameter visible from the URL

h3. Issue Summary This is reproducible on Data Center: yes h3. Steps to Reproduce Login to Bamboo Create plans and generate report Application sends a token through the URL itself. h3. Expected Results Application should not send atltoken parameter in URL h3. Actual Results application sends a...

6.9AI score
Exploits0
Atlassian
Atlassian
added 2023/12/12 9:48 a.m.21 views

Attachments download link still works even after deleting attachment from page

h3. Issue Summary The attachment download link still works even after deleting the attachment from the page. h3. Steps to Reproduce Create a Page and add any attachments to the page Click on the attachment and download the attachment using the download button Now, right-click on the download butt...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2023/09/18 8:55 a.m.21 views

As a sys admin user without permissions to view a restricted space, I can see activity for it but cannot view the space or pages in it

h3. Issue Summary This is reproducible on Data Center: YES. h3. Steps to Reproduce h4. Steps on Bulldog: Sign in as a user with all of these permissions: Can Use, Personal Space, Create Spaces, Confluence Administrator optional, System Administrator. Note that this use should not be present in th...

6.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2023/08/10 8:10 p.m.21 views

Team Calendars is not loading Jira Agile Sprint Events

h3. Issue Summary Team Calendars is not loading Jira Agile Sprint Events This is reproducible on Data Center: yes h3. Steps to Reproduce Install Confluence 8.4.0 and Jira 9.9.1 Set up application link and sample Jira project Add Jira Agile Event h3. Expected Results Expect Jira Agile Events to...

6.8AI score
Exploits0
Atlassian
Atlassian
added 2022/11/02 9:35 a.m.22 views

When setting a customer account's password, the potentially different&existing logged in user/session will be used in audit log to record the password change, causing confusion and making it look like a password hijack

h1. Steps to reproduce Consider the following scenario: User A: Invite is sent to [email protected] to join the JSM customer portal. User B is a customer and it is logged into customer portal as [email protected]. In the same browser where User B is logged in, the mailbox of [email protected] is open and ...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2022/10/19 1:22 p.m.21 views

Attachments that are added to drafts while collaborative editing is off are searchable when collaborative editing is turned on

h3. Issue Summary This is reproducible on Data Center: yes h3. Steps to Reproduce Turn OFF collaborative editing Create a page Add attachment to the page Do not publish the page Try searching for the draft or attachment Enable Collaborative Editing Perform Reindexing Try searching for the draft o...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/07/29 9:23 a.m.21 views

Audit Logs Store LDAP Password in Plain Text

h3. Problem In Confluence, when an external LDAP directory is created/modified, Audit logs store the LDAP connection password as plain text. h3. Environment 7.4.x . h3. Steps to Reproduce 1. In Confluence, create or modify a directory as Microsoft Active Directory, Crowd, Jira etc 2. After...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/06/14 8:11 p.m.21 views

Upgrade bundled Java to 8u292+

Currently our latest available Jira version includes AdoptOpenJDK 1.8.0275, which does not include a fix for the following vulnerabilities: https://openjdk.java.net/groups/vulnerability/advisories/2021-04-20 It affects AdoptOpenJDK up to 1.8.0282, so we should bundle Jira with AdoptOpenJDK 1.8.02...

2.7AI score
Exploits0
Atlassian
Atlassian
added 2020/07/03 10:15 a.m.21 views

Anonymous user able to access some agile board's report configuration

h3. Issue Summary When someone who did not login to Jira tried to access direct URL to Average Age Report, the user will be shown Configure - Average Age Report page instead of Jira asking the user to login. h3. Steps to Reproduce Copy the full URL to an Average Age Report Eg:...

Exploits0Affected Software1
Atlassian
Atlassian
added 2020/06/18 2:26 p.m.21 views

Comment button visible to users without permission on boards

h3. Issue Summary When a project's permissions are set to allow viewing by any logged in user, but commenting is limited to specific project roles, if a user attempts to comment from a board, the button is available to them and they see the following error message: panel:bgColor=eeeeee...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/12/17 4:10 a.m.21 views

https://jira.atlassian.com/browse/JRASERVER-70409 for Bitbucket Server

The version of the Application Links plugin used in Bitbucket Server and Bitbucket Data Center before version 5.16.6, from version 6.0.0 before version 6.0.6, from version 6.1.0 before version 6.1.5, from version 6.2.0 before version 6.2.2, and from version 6.3.0 before version 6.3.1 allows remot...

2.6AI score
Exploits0
Atlassian
Atlassian
added 2019/03/21 12:46 a.m.21 views

The version of moment.js used in Jira was vulnerable to a regular expression denial of service

The version of moment.js used in in Jira before version 7.12.3, from version 7.13.0 before version 7.13.1 and before version 8.0.0 allows remote attackers to cause a denial of service in user's browsers via a regular expression denial of service. For additional details...

4.5AI score
Exploits0
Atlassian
Atlassian
added 2019/03/13 12:45 p.m.21 views

Embedded 7z vulnerable with a cvs score of 10

The embedded 7zip version is vulnerable. Please update...

2.3AI score
Exploits0
Atlassian
Atlassian
added 2017/12/01 4:16 p.m.21 views

Users with 'Plan Admin' privileges can change Project Name

h3. Summary Users whom have Plan level Admin privileges, but not Project level Admin privileges are able to change the Project name from /chain/admin/config/editChainDetails.action?buildKey=\projkey-\plankey h3. Steps to Reproduce h1. Step 1 Create Project with key TSTPR Create Plan within TSTPR...

3.6AI score
Exploits0
Atlassian
Atlassian
added 2017/05/25 3:47 p.m.21 views

Password Reset

I changed my password on my Linux system and now I can't push/pull via Atlassian SourceTree 2.0.20.1 gui. I tried resetting via the authentication tab under Tools-Options but the password is not being saved. I can use git via command line via Terminal because I am prompted for a password. I...

4AI score
Exploits0
Atlassian
Atlassian
added 2017/01/19 9:28 a.m.21 views

Update application-links to fix APL-1327

Now that https://ecosystem.atlassian.net/browse/APL-1327 has been fixed, upgrade application-links to a version that contains a fix for it. In this case Fecru would update application-links from version 5.2.3 the version comes from the platform pom to version 5.2.4...

1.6AI score
Exploits0
Atlassian
Atlassian
added 2017/01/19 9:28 a.m.21 views

Update application-links to fix APL-1327

Now that https://ecosystem.atlassian.net/browse/APL-1327 has been fixed, upgrade application-links to a version that contains a fix for it. In this case Fecru would update application-links from version 5.2.3 the version comes from the platform pom to version 5.2.4...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2017/01/18 5:47 p.m.21 views

Generating SSH Keys is broken (using Bitbucket Server) -- ui and config file

Please watch my short video illustrating the experience. https://www.youtube.com/watch?v=wPUAkG78BFE&feature=youtu.be Scenario 1: On MacOS X Sierra when setting up SourceTree for first time and choosing "SSH" as the authentication method, SourceTree: Should not have a URL for the Bitbucket...

7.5AI score
Exploits0
Atlassian
Atlassian
added 2017/01/17 11:37 p.m.21 views

hipchat server not supporting SSL Forward Secrecy

Security scans report that hipchat server isn't supporting SSL Forward Secrecy. HipChat Server supports TLSRSAWITHAES128CBCSHA256 which isn't forward secret. This is commonly supported for backwards compatibility, but, it is most likely not necessary on most platforms these days. Please consider...

0.7AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295