Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
•added 2010/04/22 1:3 a.m.•19 views

Not all error strings are encoded

A XSS vulnerability where a string could bypass the Anti-XSS mechanism has been identified. This issue corrects this problem. The severity of this issue is rated as LOW. Please see http://confluence.atlassian.com/x/ZILmD for information on other security related issues and our rating system...

0.4AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/22 12:49 a.m.•19 views

XSS vulnerability in Colour Scheme settings

An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 12:49 a.m.•19 views

XSS vulnerability in Colour Scheme settings

An XSS vulnerability has been discovered in the Colour Scheme settings. The severity of this issue is rated as HIGH. Please refer to the security advisory http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2010-04-x for details...

0.2AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/22 12:37 a.m.•19 views

XSS vulnerability in search

An XSS vulnerability has been found in the searching component of Confluence...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/19 3:11 a.m.•19 views

brute force password attack protection by default

We have added an upgrade task to set jira.maximum.authentication.attempts.allowed=5 on all instances even if they previous had set it to something else. This is to ensure that systems are more safe by default...

2.4AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/19 12:57 a.m.•19 views

Brute force protection on JIRA 4.1 leaks valid account names

The brute force login protection in JIRA only activates when a real user account is accessed. This can be used by an attacker to harvest a list of valid logins on the system. The brute force login protection should activate when either the login or the password is wrong...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/13 5:44 a.m.•19 views

XSS Vulnerabilities in JIRA

panel:borderColor=ff0000|borderStyle=solid|bgColor=ffccccWarning: This issue is superceded by JRA-21004. Please install the patches on that issue, rather than this one. For more details, see JIRA Security Advisory -...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/03/23 2:46 p.m.•19 views

Allow non-Administrators to be able to modify workflows

As an IT Manager, by having to add users to the Administrators group in order to edit and manage workflows is prohibitive to the administration and security of our Jira environment. While I want users to create, manage and edit workflows, I do NOT want them creating or modifying accounts which...

3.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/03/16 5:57 a.m.•19 views

xss vulnerability in issuelinksmall.jsp

Thanks to NASA / JPL for discovering this: Cross-Site Scripting XSS related to http://oursite/jira/includes/snippets/issuelinksmall.jsp?%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E=has...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/03/16 1:0 a.m.•19 views

Custom fileds inconsistently escaped in view and edit screens

Steps to replicate: Create a custom field and name it Hithere On view issue screens, the field appears as Hithere On edit issue screen, the field appears as Hithere on red font I guess we need to make a decision on which one is the desired functionality allow HTML or not and make it consistent...

0.7AI score
Exploits0
Atlassian
Atlassian
•added 2010/02/26 5:40 a.m.•19 views

A link to Re-Indexing is visible to users even if they are not sys admin

I saw this on EACJ where I am not a sys admin quote XXXX made configuration changes in section 'Custom Fields' at 01/Feb/10 1:16 PM. It is recommended that you perform a re-index. For more information, please click the Help icon. To perform the re-index now, please go to the 'Indexing' section...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/01/13 10:17 a.m.•19 views

Include XSS security warning on HTML macro description in Wiki Markup Renderer

Include XSS security warning on HTML macro description in Wiki Markup Renderer. Derived from JRA-19802...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/12/10 6:55 p.m.•19 views

Remove database passwords from the file system.

Currently if you connect Jira to an external database, you must store the database credentials on the file system either in the server.xml file Jira standalone, or in an equivalent file. This has security implications. Can we modify the application to not store this information on the file system...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/12/02 4:10 a.m.•19 views

User's Full Name is an XSS vector in Status Updates tab of User Profile

A user's full name is an XSS vector when viewing the "Status Updates" tab of the user profile. 1 Set a user's Full Name as "alertdocument.cookie". 2 Log out. 3 If anonymous access is disabled, log in as a different user, otherwise, continue as Anonymous. 4 Go to the profile page for the user...

0.3AI score
Exploits0
Atlassian
Atlassian
•added 2009/11/02 4:19 a.m.•19 views

deleted page is still accessible in Confluence when accessing via viewpage.action?pageId in the url

Deleted pages can still be accessed in Confluence when one enters their pageId in the url. For example: noformat http://confluence.atlassian.com/pages/viewpage.action?pageId=196837485 http://confluence.atlassian.com/display/CONFKB/Office+Connector noformat The links above are referring to the sam...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/07/31 6:6 a.m.•19 views

JQL not respecting Issue Security Level "Project Lead"

While writing TestIssueSecurityLevel I found the following problem: fred is not a Project Lead HSP-3 has Issue Security Level of "Project Lead" only. empty JQL to show all visible issues doesn't show HSP-3. make fred the Project Lead same query: still no HSP-3 however: fred can browse to HSP-3 an...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/07/31 3:0 a.m.•19 views

JIRA should trust itself by default.

Upgrade Seraph and Trusted apps to 2.0.1/2.1. If the CurrentApplication implements TrustedApplication then return it if it is asked for by id...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/06/26 2:5 a.m.•19 views

XSS in PDF screen

The "PDF Export Stylesheet" field is not encoded...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/06/18 6:38 a.m.•19 views

XSS vulnerability in space name when page move would create a duplicate

Create a space called alert"XSS"; Find a page named 'Home' in a different space Move this page, choosing the previously created space as the destination The move will fail due to the duplicate page name, and the script will be run...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/06/03 7:28 a.m.•19 views

XSS vulnerability when moving page between spaces

You can create a space with HTML in the name. In most places this space name is correctly encoded however in the tree component given when you chose to move a page the destination space is name is not encoded properly. To reproduce. 1 Create a space called alert"Howdy"; 2 Create a page in another...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/05/29 4:14 a.m.•19 views

XSS in user links

A user with username "alert"foo" that is linked to via \username markup results in script being executed. Curiously, viewing the space homepage of that user results in a blank page. This of course is prevented for public signup, but if the user gets created via other means, i.e. external user...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/05/21 8:5 a.m.•19 views

Viewfile macros do not respect page restrictions

Add a page Set viewing restrictions to user1 only Add an attachment - 'Sample.doc' Log in as user2 - confirm that you cannot see the restricted page Add a page, and use the viewfile macro Enter the location of the attachment on the restricted page The contents of the attachment can now be viewed ...

2.1AI score
Exploits0
Atlassian
Atlassian
•added 2009/05/15 10:52 a.m.•19 views

Encrypted passwords in osuser.xml

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-17317. panel We need to set a crypted password instead plain text password in java.naming.security.credentials within osuser.xml...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/05/15 10:52 a.m.•19 views

Encrypted passwords in osuser.xml

We need to set a crypted password instead plain text password in java.naming.security.credentials within osuser.xml...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/03/19 4:38 p.m.•19 views

Bright Cove User Macro-Cross-site script

Our e-security found the following error after they scanned the Bright Cove User Macro: Number System/Location Defect Type Status R4 Bright Cove User Macro Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies,...

7.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/03/12 7:47 a.m.•19 views

JIRA build information not included in dummy XML responses to search filter requests which users do not have access to

The build-info element is missing from the response to search filter XML requests. noformat https://support.atlassian.com/sr/jira.issueviews:searchrequest-xml/10593/SearchRequest-10593.xml?tempMax=100 noformat Happens if the user does not have access to the filter. See also...

1AI score
Exploits0
Atlassian
Atlassian
•added 2009/02/26 12:44 a.m.•19 views

Impropper sanitisation of attachment filenames allows header injection

An attacker can craft a specific attachment filename, or rename the file once it has been uploaded to introduce arbitrary headers into the response stream...

4.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/02/08 3:11 p.m.•19 views

Seraph binary dosn't correspond to source distribution for JIRA 3.13.2

Try to stepover getUserHttpServletRequest request, HttpServletResponse response Also, if user is not resolved by session, why not to try resolve it from cookie...

0.6AI score
Exploits0
Atlassian
Atlassian
•added 2009/01/30 4:43 a.m.•19 views

XSS in the Widget Connector

I've been working with the widget connector today and reading through the code when I noticed that the media uris are not being handled securely. try this: widget:url=youtube.com/v="alert'xss' In general there is not a unified way to prevent issues like this in the widget extensions and it is up ...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/01/30 4:43 a.m.•19 views

XSS in the Widget Connector

I've been working with the widget connector today and reading through the code when I noticed that the media uris are not being handled securely. try this: widget:url=youtube.com/v="alert'xss' In general there is not a unified way to prevent issues like this in the widget extensions and it is up ...

0.5AI score
Exploits0
Atlassian
Atlassian
•added 2008/11/28 5:50 a.m.•19 views

Confluence displays ALL attachments when the following URL is viewed

i removed the space key from the URL for the normal space attachment viewing, and it displays all the attachments for all spaces in the install of Confluence, Irrispecitve of space and page level permission restrictions. For Example:...

0.8AI score
Exploits0
Atlassian
Atlassian
•added 2008/11/13 3:49 a.m.•19 views

Session must not be invalidated on logout

People ran into problems|http://forums.atlassian.com/thread.jspa?forumID=101&threadID=29965 because we started invalidating the session on logout in 2.9.2. They expect certain session attributes like the seraph LOGGEDOUTKEY to be present. This means we need to remove all session attributes except...

2.8AI score
Exploits0
Atlassian
Atlassian
•added 2008/10/27 5:18 a.m.•19 views

Confluence administrators (who are not necessarily sys admins) can configure whitelist

A user who has the "Confluence Administrator" permission, but not necessarily the "System Administrator" permission, can configure the new URL whitelist for the HTML-include and RSS macros. Is this good enough, from a security point of view?...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/10/03 8:58 p.m.•19 views

Restrict anonymous users from viewing user profiles.

Even if I start Confluence with -Dconfluence.disable.peopledirectory.anonymous=true, it is still possible to browse individual users by visiting a URL like https://wikiBaseUrl/display/accountName. This is a major security problem for us because it exposes: 1. The user's name 2. The user's ID 3. T...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/09/15 4:42 p.m.•19 views

XSS in pagetree plugin

The pagetree plugin is vulnerable for XSS injecting the code in the treeId field. Example below:...

6.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/09/08 8:18 a.m.•19 views

default config values restored

This should be for 2.9.1 - this version was not yet available under "affects versions" when filing this bug. After updating from 2.9 to 2.9.1, most of my settings were overwritten by their default values. - public signup got enabled - the language changed back to english instead of german - e-mai...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/09/04 1:18 a.m.•19 views

XSS in site search action

http://confluence.atlassian.com/dosearchsite.action?where=confall&queryString=%3Cscript%3Ealert'foo';%3C/script%3E queryString needs to be escaped. This problem is fixed if they turn on Anti-XSS mode. We still need to fix this as anti-xss is not on by default...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/08/25 10:33 a.m.•19 views

Hidden pages' content can be viewed without permission using diffpages.action

If the id of a page is known by a user, that user can view the content of the page without having permissions to the space it is in. They need only construct the right URL. EG: Two spaces A and B Page with id 1 is in Space A Page with id 2 is in Space B User cannot see Space A User can see Space ...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/06/14 3:37 p.m.•20 views

XSS using onerror

We had a user enter a viagra ad that actual redirected to their site. I think the offending code was here: although obviously they didn't use example.com I've attached the whole page for examination...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/06/04 1:58 a.m.•19 views

SSO credentials not used in IssueViewURLHandler

A customer has created a SSO plugin and are facing some specific issues in this context. When they click on the printable link of an issue i.e: http://jira/lodh/si/jira.issueviews:issue-html/ORGJIRA-13/ORGJIRA-13.html they get an error page indicating "the user myuser... doesn't exist..." They...

7.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/04/15 12:31 a.m.•19 views

Users can move attachments to a space they have no permission for

Any user with permission to edit pages in a space can move attachments in that space to any page in Confluence. Eg: suppose we have a user named StandardUser who has permission to edit pages in GeneralSpace, but no permission to view or edit RestrictedSpace, which contains a page predictably name...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/04/04 4:21 p.m.•19 views

Change issue Security Level on Transition

We need a way to automatically change the Security Level of an issue when it is transitioned. Currently our project is has a default Security Level that only allows the assignee and management to see an issue, we would like to automatically open that issue up once it is fixed...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/04/04 4:21 p.m.•19 views

Change issue Security Level on Transition

We need a way to automatically change the Security Level of an issue when it is transitioned. Currently our project is has a default Security Level that only allows the assignee and management to see an issue, we would like to automatically open that issue up once it is fixed...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/03/18 4:38 a.m.•19 views

XSS vulnerability in social bookmarking plugin bundled in Confluence

The social bookmarking plugin is bundled in Confluence 2.7.x and Confluence 2.6.x. As such this vulnerability affects all 2.7.x and 2.6.x instances even if you do not use the plugin or do not have the Add Bookmark Web Item enabled. The updatebookmark.action URL is vulnerable on these parameters: ...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/03/17 5:0 a.m.•19 views

XSS vulnerability in pagepicker.action and spacepagepicker.action

The following URL's are vulnerable: - /users/pagepicker.action - /users/spacepagepicker.action on formname, fieldname and currentspace panel:bgColor=99ff99 h4. Patch instructions for 2.6.x and 2.7.x 1. Shut down Confluence 2. Copy attached pagepicker.vm to confluence/users/ 3. Start up Confluence...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/01/10 3:35 a.m.•19 views

Moving a subtask Issue Type will sometimes ask the user for a Security Level even though this value is inherited from the Parent Issue.

When you move a subtask from an Issue Type where Security Level is a hidden field, to one where Security Level is no longer hidden, the system can mistakenly ask the User for a new Security Level. This is only a minor issue, as then the subtask will not actually take on the chosen value - it will...

0.4AI score
Exploits0
Atlassian
Atlassian
•added 2007/12/19 2:16 p.m.•19 views

Security vulnerability with Dashboard spacesSelectedTab

Our security team has reported the following vulnerability, which must be resolved for us to use the application. Severity: High Test Type: Application Vulnerable URL: https://gforgewiki.nci.nih.gov/dashboard.action Parameter = spacesSelectedTab Remediation Tasks: Filter out hazardous characters...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/12/19 2:16 p.m.•19 views

Security vulnerability with Dashboard spacesSelectedTab

Our security team has reported the following vulnerability, which must be resolved for us to use the application. Severity: High Test Type: Application Vulnerable URL: https://gforgewiki.nci.nih.gov/dashboard.action Parameter = spacesSelectedTab Remediation Tasks: Filter out hazardous characters...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/12/07 2:32 p.m.•19 views

XSS vulnerability in recently updated and configure RSS feed actions

Our eSecurity team has identified a Cross Site Scripting issue with the confluence server as follows: Arbirtatry javascript can be injected in the following cases which can lead to escalated or invalid privileges being granted to an unauthorized user: 1...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2007/10/03 2:58 a.m.•19 views

Velocity does not automatically escape HTML entities when substituting variables

Velocity should automatically escape encode HTML entities in variables it interpolates in markup. This would remove the need for explicitly escaping variables using $generalUtil.htmlEncode, and fix lots of XSS bugs including ones we haven't discovered yet. This affects all versions of Confluence...

2.2AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295