4295 matches found
MITM (Man-in-the-Middle) org.apache.httpcomponents.client5:httpclient5 Dependency in Jira Software Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.23, 10.3.7, 10.5.1, 10.6.0, and 10.7.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) Third-Party Dependency in Jira Software Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.2.0, 10.3.0, 10.4.0, 10.5.0, and 10.6.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 8.19.0, 9.4.0, and 9.6.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
DoS (Denial of Service) io.netty:netty-handler Dependency in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.11.3, 5.12.0, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS...
DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Bamboo Data Center and Server
This High severity com.google.protobuf:protobuf-java Dependency vulnerability was introduced in versions 9.5.0, 9.6.0, and 10.0.0-rc3 of Bamboo Data Center and Server. This com.google.protobuf:protobuf-java Dependency vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of...
RCE (Remote Code Execution) org.apache.avro:avro Dependency in Bitbucket Data Center and Server
This High severity org.apache.avro:avro Dependency vulnerability was introduced in versions 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0, 8.15.0, 8.16.0, 8.17.0, 8.18.0, 8.19.0, 9.0.0, 9.1.0, and 9.2.0 of Bitbucket Data Center and Server. This org.apache.avro:avro Dependency...
When using an Oracle DB, application properties can't be set to empty
h3. Issue Summary The jira.security.csp.sandbox.included.content.disposition application property accepts: Empty value "attachment" "inline" "attachment;inline" or "inline;attachment" If Jira is installed using an Oracle database, the empty value is never set. This happens because Oracle treats...
Able to attach restricted files to Jira issues from Email
h3. Issue Summary From 9.15, admins can now restrict unwanted file extensions from being uploaded through issues. However, the restriction does not work when the attachment is sent via email. The files with restricted extensions are being uploaded to Jira issues. Reference:Restrict unwanted file...
org.apache.commons:commons-compress Dependency in Bamboo Data Center and Server
This High severity org.apache.commons:commons-compress Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. This org.apache.commons:commons-compress Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector o...
atl_token parameter visible from the URL
h3. Issue Summary This is reproducible on Data Center: yes h3. Steps to Reproduce Login to Bamboo Create plans and generate report Application sends a token through the URL itself. h3. Expected Results Application should not send atltoken parameter in URL h3. Actual Results application sends a...
Attachments download link still works even after deleting attachment from page
h3. Issue Summary The attachment download link still works even after deleting the attachment from the page. h3. Steps to Reproduce Create a Page and add any attachments to the page Click on the attachment and download the attachment using the download button Now, right-click on the download butt...
As a sys admin user without permissions to view a restricted space, I can see activity for it but cannot view the space or pages in it
h3. Issue Summary This is reproducible on Data Center: YES. h3. Steps to Reproduce h4. Steps on Bulldog: Sign in as a user with all of these permissions: Can Use, Personal Space, Create Spaces, Confluence Administrator optional, System Administrator. Note that this use should not be present in th...
Team Calendars is not loading Jira Agile Sprint Events
h3. Issue Summary Team Calendars is not loading Jira Agile Sprint Events This is reproducible on Data Center: yes h3. Steps to Reproduce Install Confluence 8.4.0 and Jira 9.9.1 Set up application link and sample Jira project Add Jira Agile Event h3. Expected Results Expect Jira Agile Events to...
When setting a customer account's password, the potentially different&existing logged in user/session will be used in audit log to record the password change, causing confusion and making it look like a password hijack
h1. Steps to reproduce Consider the following scenario: User A: Invite is sent to [email protected] to join the JSM customer portal. User B is a customer and it is logged into customer portal as [email protected]. In the same browser where User B is logged in, the mailbox of [email protected] is open and ...
Attachments that are added to drafts while collaborative editing is off are searchable when collaborative editing is turned on
h3. Issue Summary This is reproducible on Data Center: yes h3. Steps to Reproduce Turn OFF collaborative editing Create a page Add attachment to the page Do not publish the page Try searching for the draft or attachment Enable Collaborative Editing Perform Reindexing Try searching for the draft o...
Audit Logs Store LDAP Password in Plain Text
h3. Problem In Confluence, when an external LDAP directory is created/modified, Audit logs store the LDAP connection password as plain text. h3. Environment 7.4.x . h3. Steps to Reproduce 1. In Confluence, create or modify a directory as Microsoft Active Directory, Crowd, Jira etc 2. After...
Upgrade bundled Java to 8u292+
Currently our latest available Jira version includes AdoptOpenJDK 1.8.0275, which does not include a fix for the following vulnerabilities: https://openjdk.java.net/groups/vulnerability/advisories/2021-04-20 It affects AdoptOpenJDK up to 1.8.0282, so we should bundle Jira with AdoptOpenJDK 1.8.02...
Anonymous user able to access some agile board's report configuration
h3. Issue Summary When someone who did not login to Jira tried to access direct URL to Average Age Report, the user will be shown Configure - Average Age Report page instead of Jira asking the user to login. h3. Steps to Reproduce Copy the full URL to an Average Age Report Eg:...
Comment button visible to users without permission on boards
h3. Issue Summary When a project's permissions are set to allow viewing by any logged in user, but commenting is limited to specific project roles, if a user attempts to comment from a board, the button is available to them and they see the following error message: panel:bgColor=eeeeee...
https://jira.atlassian.com/browse/JRASERVER-70409 for Bitbucket Server
The version of the Application Links plugin used in Bitbucket Server and Bitbucket Data Center before version 5.16.6, from version 6.0.0 before version 6.0.6, from version 6.1.0 before version 6.1.5, from version 6.2.0 before version 6.2.2, and from version 6.3.0 before version 6.3.1 allows remot...
The version of moment.js used in Jira was vulnerable to a regular expression denial of service
The version of moment.js used in in Jira before version 7.12.3, from version 7.13.0 before version 7.13.1 and before version 8.0.0 allows remote attackers to cause a denial of service in user's browsers via a regular expression denial of service. For additional details...
Embedded 7z vulnerable with a cvs score of 10
The embedded 7zip version is vulnerable. Please update...
Users with 'Plan Admin' privileges can change Project Name
h3. Summary Users whom have Plan level Admin privileges, but not Project level Admin privileges are able to change the Project name from /chain/admin/config/editChainDetails.action?buildKey=\projkey-\plankey h3. Steps to Reproduce h1. Step 1 Create Project with key TSTPR Create Plan within TSTPR...
Password Reset
I changed my password on my Linux system and now I can't push/pull via Atlassian SourceTree 2.0.20.1 gui. I tried resetting via the authentication tab under Tools-Options but the password is not being saved. I can use git via command line via Terminal because I am prompted for a password. I...
Administrators should have the ability to restrict access to the System dashboard
Administrators should have the ability to restrict access to the System dashboard which by default is available to the public...
Update application-links to fix APL-1327
Now that https://ecosystem.atlassian.net/browse/APL-1327 has been fixed, upgrade application-links to a version that contains a fix for it. In this case Fecru would update application-links from version 5.2.3 the version comes from the platform pom to version 5.2.4...
Update application-links to fix APL-1327
Now that https://ecosystem.atlassian.net/browse/APL-1327 has been fixed, upgrade application-links to a version that contains a fix for it. In this case Fecru would update application-links from version 5.2.3 the version comes from the platform pom to version 5.2.4...
Generating SSH Keys is broken (using Bitbucket Server) -- ui and config file
Please watch my short video illustrating the experience. https://www.youtube.com/watch?v=wPUAkG78BFE&feature=youtu.be Scenario 1: On MacOS X Sierra when setting up SourceTree for first time and choosing "SSH" as the authentication method, SourceTree: Should not have a URL for the Bitbucket...
Generating SSH Keys is broken (using Bitbucket Server) -- ui and config file
Please watch my short video illustrating the experience. https://www.youtube.com/watch?v=wPUAkG78BFE&feature=youtu.be Scenario 1: On MacOS X Sierra when setting up SourceTree for first time and choosing "SSH" as the authentication method, SourceTree: Should not have a URL for the Bitbucket...
hipchat server not supporting SSL Forward Secrecy
Security scans report that hipchat server isn't supporting SSL Forward Secrecy. HipChat Server supports TLSRSAWITHAES128CBCSHA256 which isn't forward secret. This is commonly supported for backwards compatibility, but, it is most likely not necessary on most platforms these days. Please consider...
Update atlassian-gadgets in JIRA Server to fix AG-1502
Now that https://ecosystem.atlassian.net/browse/AG-1502 has been fixed, upgrade atlassian-gadgets to a version that contains a fix for it. In this case JIRA Server would update atlassian-gadgets to a version = 4.2.14...
User Management - Space View and Edit Control
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-45194. panel With our Confluence users linking to LDAP, it is difficult having to create and delete groups to control permission...
"Allowed review participants" isn't restricting the scope for groups
h3. Summary The "Allowed review participants" option in the project settings isn't restricting the scope for groups when searching for reviewers to be added to a review, therefore all the groups are listed, even the ones not included as allowed groups. h3. Environment Tested on Crucible 4.2.0 h3...
Forms that use the GET method cause the XSRF token to be added to the URL
h5.Steps to Reproduce: In Confluence, visit the "My Profile" page /users/viewuserprofile.action Click "Edit Profile" Note that no atltoken is present in the URL. Click "Settings" /users/viewmysettings.action Click "Edit" Note that the atltoken value is present in the URL. h5.Cause Some forms are...
Moving or deleting an issue leaves the empty attachments subdirectory on the filesystem
To reproduce: Create an issue Attach a file to it Locate the file on the JIRA-server filesystem -- under JIRA "home" directory attachments/..../PROJECT-ISSUE Move the issue to a different project or delete it completely Observe the empty issue subdirectory remaining on the filesystem The director...
Responses with Set-Cookie header cached
h3. Context We have Jira running with SSO from Crowd. Jira is behind a corporate reverse proxy from BlueCoat which has caching enabled but respects the Cache-control, Expire and Pragma HTTP headers. h3. Problem We have discovered following cases of sessions mix up where a user \1 get the Crowd...
As an administrator I want to be able to configure whether XSS protection should apply to requirements or not
h3. Problem Definition For XSS protection, certain "dangerous" characters are not allowed for input in many fields in Bamboo, including for requirements. One such character is the ampersand &, which can be used for logical AND expressions such as "a && b" for "a AND b". At the moment, because XSS...
Groups to Synchronise membership filter in Crowd/JIRA authentication not effective in some circumstances
Users existing in remote Crowd/JIRA authentication source may get access to FishEye/Crucible instance even if they are not members of specified "Groups to Synchronise"...
Stronger algorithm used to digest instance admin password
Let's use PKCS5S2...
Stronger algorithm used to digest instance admin password
Let's use PKCS5S2...
Backup action is XSRF vulnerable
XSRF vulnerability was identified and fixed, so it was possible to trigger backup action taking application into maintenance mode. This could lead to overwriting an existing backup file...
Upgrade to version 3.2.2 of apache commons-collections
quote This v3.2.2 release is a bugfix release, fixing several bugs present in the previous releases of the 3.2 branch. Additionally, this release provides a mitigation for a known remote code exploitation via the standard java object serialization mechanism. By default, serialization support for...
It is possible to access the list of patches in a review and their content by unprivileged users
We've discovered and fixed a security issue, where the attacker could using the REST API: access the list of patches in a review their filename, database id upload date and anchor details without authentication access the patch content for any review as long as he had view access to any other...
XSRF check failure when trying to add a logo to a topic
h3. Steps to reproduce Create a topic in Confluence Questions. Select an image as a logo. Click Done. h3. Expected results The topic is created with the chosen logo. h3. Actual results The topic is created, but with the default tag logo. h3. Notes The same thing occurs when trying to add a logo t...
Bad performance noticed on issues with long history
panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-45903. panel Performing some testing with JIRA 6.4.5, I've noticed that there is a huge difference when logging work on an issue with no...
Prevent Activity feed information leakage by allowing permanently disabling of it
It seems that the sensitive information leakage is something almost impossible to avoid when you have a pair of JIRA instances, internal and external, which are connected one to another. Having them connected is clearly a business requirement for being able to cross link issues and to copy them...
Use integrated Windows Auth for Proxy Authentication
Hi, I'm looking to secure access to the internet via an authenticated proxy and would like to avoid username passwords within init strings. https://confluence.atlassian.com/display/JIRAKB/How+to+Configure+an+Outbound+HTTP+and+HTTPS+Proxy+for+JIRA describes a scenario where this may be possible,...
Use integrated Windows Auth for Proxy Authentication
Hi, I'm looking to secure access to the internet via an authenticated proxy and would like to avoid username passwords within init strings. https://confluence.atlassian.com/display/JIRAKB/How+to+Configure+an+Outbound+HTTP+and+HTTPS+Proxy+for+JIRA describes a scenario where this may be possible,...
Content Spoofing in AppPortalPage
A third party scan found that the ConvertIssue.jspa action is vulnerable to content spoofing, in specific text injection. In this case the content spoofing may be used to perform a phishing attack on users. How to reproduce:...
"JIRA Project Releases" event should respect Project's permissions
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-48963. panel Adding "JIRA Project Releases" event type to the Team calendar seems to NOT respect permissions from the project. I...