Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
•added 2011/06/14 5:27 a.m.•18 views

Admin JSPs don't have XSRF protection

As well as a number of XSS bugs which were recently fixed in CONF-22568, the JSPs contained in Confluence don't support the same XSRF protection which our actions use. We should convert this functionality over to actions and only use JSPs to deliver patches to customers, not for proper...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/06/14 5:27 a.m.•18 views

Admin JSPs don't have XSRF protection

As well as a number of XSS bugs which were recently fixed in CONF-22568, the JSPs contained in Confluence don't support the same XSRF protection which our actions use. We should convert this functionality over to actions and only use JSPs to deliver patches to customers, not for proper...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/05/18 1:8 a.m.•18 views

HTML file type attachments are automatically rendered in IE.

h1. Steps to reproduce Create following HTML file and upload to any of Confluence page. code alert"Cookie: " + document.cookie; code Open the file on Internet Explorer 7. Then, you will see the javascript in that HTML file executed automatically. Issue happens with IE9,8,7 with Confluence 3.5...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/05/11 7:3 a.m.•18 views

XSS vulnerability in doeditmysettings.action

This vulnerability affects all versions from 3.5 and above. We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence settings editing action. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more...

0.1AI score
Exploits0
Atlassian
Atlassian
•added 2011/04/21 2:58 p.m.•18 views

As a developer or release manager I want to be able to create and manage versions in JIRA without having to be given project admin permissions

Currently JIRA only allows a user to create, release and generally manage versions in a project if the user is a project admin. However there are numerous use cases where developers, release managers, project managers, etc. need to be able to perform this function but don't need full admin rights...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/04/21 1:25 a.m.•18 views

XSS vulnerability in Crucible changeset comments in search results

We have identified and fixed a cross-site scripting XSS vulnerability in the Crucible changeset comments in search results. Affected versions are Crucible 2.3.0 to 2.5.0 inclusive. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a FishEye/Crucible page. You ca...

0.1AI score
Exploits0
Atlassian
Atlassian
•added 2011/04/21 1:21 a.m.•18 views

XSS vulnerability in Crucible Author Mapping

We have identified and fixed a cross-site scripting XSS vulnerability in the Crucible Author Mapping. Affected versions are Crucible 2.4.5 to 2.5.0 inclusive. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a FishEye/Crucible page. You can read more about XSS...

0.2AI score
Exploits0
Atlassian
Atlassian
•added 2011/04/21 1:16 a.m.•18 views

XSS vulnerability in Crucible's Snippets

We have identified and fixed a cross-site scripting XSS vulnerability in the Crucible Snippets. Affected versions are Crucible 2.4.5 to 2.5.0 inclusive. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a FishEye/Crucible page. You can read more about XSS attack...

Exploits0
Atlassian
Atlassian
•added 2011/04/06 5:41 p.m.•18 views

Seraph in Confluence 3.5 environment no longer able to instantiate custom authenticator

Customer using custom authenticator no longer works in Confluence 3.5 despite updates to latest API, latest Atlassian SDK, and building against Confluence 3.5 and embedded Crowd. See attached error log from customer. In brief, error is: noformat Caused by:...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/04/06 5:41 p.m.•18 views

Seraph in Confluence 3.5 environment no longer able to instantiate custom authenticator

Customer using custom authenticator no longer works in Confluence 3.5 despite updates to latest API, latest Atlassian SDK, and building against Confluence 3.5 and embedded Crowd. See attached error log from customer. In brief, error is: noformat Caused by:...

0.6AI score
Exploits0
Atlassian
Atlassian
•added 2011/03/10 8:12 p.m.•18 views

Cache Crowd Authentication on the client side

Jira is very chatty with Crowd, see: https://support.atlassian.com/browse/CWDSUP-4148 One request is sent to crowd per request into jira. Something like: com.atlassian.crowd.integration.service.cache.CacheAwareAuthenticationManager should be used. We have a similar issue with Confluence...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/02/22 9:55 p.m.•18 views

Remember Me filter not working for FishEye/Crucible

The current implementation of the FishEye filter still require that the Remember Me cookie have the encrypted credentials for the user, what is no longer true as that pose a major security vulnerability. The filter should rely on the JIRA Remember Me funcionality. If the user logged in using the...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2011/01/03 4:39 p.m.•18 views

Admin menu items displayed to non-admins when accessing "Global Templates" page

When accessing the "Global Templates" menu as a non-admin, the navigation controls for the administration panel are displayed. The links cannot be used without entering new credentials, but it would be more consistent to hide the links from non-admins, just as we hide "System Administrator" links...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/12/03 2:26 a.m.•18 views

XSS vulnerability in Global Reports macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence global-reports macro. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at various places on the web, including these:...

5.5AI score
Exploits0
Atlassian
Atlassian
•added 2010/11/23 3:38 a.m.•18 views

Increase the web session timeout from 60 minutes to 300 minutes

Usability and security testing have shown that XSRF time out is annoying people in the wild. The security guy Vitaly has ok'ed the limit to be increased. This has been done on trunk along with other changes and should be done on 4.3 branch as well...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/10/26 2:15 p.m.•18 views

Allow to specify which user to be used in trusted connection with JIRA

This is an improvement request to allow specifying which user to be used in trusted connection with JIRA. Proposed example next to the documented examples in Jira Issues Macro|http://confluence.atlassian.com/display/DOC/JIRA+Issues+Macro bq. Anonymous=false: EITHER use the user credentials define...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/10/12 1:7 a.m.•18 views

Patches for XSS / XSRF vulnerabilities

We have identified and fixed vulnerabilities in JIRA 4.2 which will allow an attacker to invoke XSS Cross Site Scripting attacks and/or Cross Site Request Forgery XSRF attacks. Full details of the severity, risks and vulnerabilities can be found in the JIRA Security Advisory...

1.6AI score
Exploits0
Atlassian
Atlassian
•added 2010/09/22 6:18 p.m.•18 views

Page view restriction is not inheriting to child pages in some spaces

When a new page is created using the create-page macro the child page does not have restrictions inherited. This is only happening for a few spaces. If I try the same macro in another space it will work fine. I have rebuilt the ancestors table but this issue is still happening. Please advise...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/07/28 4:42 p.m.•18 views

NullPointerException when there are no cookies and AccessLogRequestInfo is enabled

When using the filter-list and project-list plugins I ran into an issue where NullPointerExceptions were being thrown. I turned out the issue is in AccessLogRequestInfo when the Cookie header doesn't exists. The line that causes the exception is a log.debug line. I am including a patch that check...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/06/25 4:47 p.m.•18 views

Logout Button / Option Missing for some LDAP user accounts

Instance Details / Description: The logout option to kill sessions is not present for some user accounts i,e, the zzsvat01-05 test accounts. It is believed that this is caused by LDAP user accounts that don't have a first and / or last name present. For these specific rare instances i.e. probably...

0.9AI score
Exploits0
Atlassian
Atlassian
•added 2010/05/20 3:2 a.m.•18 views

Password strength measurement and restriction

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-21358. panel Enable password strength rules to tell the user the effective strength of the password they choose optionally allow administrato...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 1:7 a.m.•18 views

Anonymise config files in support zip

Files included in the generated zip file could contain private information. This issue addresses that by removing all sensitive information before creating the zip. The severity of this issue is HIGH. Please see http://confluence.atlassian.com/x/ZILmD for other security related issues and...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/22 1:3 a.m.•18 views

Not all error strings are encoded

A XSS vulnerability where a string could bypass the Anti-XSS mechanism has been identified. This issue corrects this problem. The severity of this issue is rated as LOW. Please see http://confluence.atlassian.com/x/ZILmD for information on other security related issues and our rating system...

0.4AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/22 12:37 a.m.•18 views

XSS vulnerability in search

An XSS vulnerability has been found in the searching component of Confluence...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/19 3:11 a.m.•18 views

brute force password attack protection by default

We have added an upgrade task to set jira.maximum.authentication.attempts.allowed=5 on all instances even if they previous had set it to something else. This is to ensure that systems are more safe by default...

2.4AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/19 12:57 a.m.•18 views

Brute force protection on JIRA 4.1 leaks valid account names

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-21036. panel The brute force login protection in JIRA only activates when a real user account is accessed. This can be used by an attacker to...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/19 12:57 a.m.•18 views

Brute force protection on JIRA 4.1 leaks valid account names

The brute force login protection in JIRA only activates when a real user account is accessed. This can be used by an attacker to harvest a list of valid logins on the system. The brute force login protection should activate when either the login or the password is wrong...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 4:36 a.m.•18 views

runportleterror.jsp contains XSS hole

The runportleterror.jsp contains an XSS attach vector via the unescaped 'portletKey' URL parameter. The parameter should be escaped properly...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2010/04/16 4:36 a.m.•18 views

runportleterror.jsp contains XSS hole

The runportleterror.jsp contains an XSS attach vector via the unescaped 'portletKey' URL parameter. The parameter should be escaped properly...

2.2AI score
Exploits0
Atlassian
Atlassian
•added 2010/04/13 5:44 a.m.•18 views

XSS Vulnerabilities in JIRA

panel:borderColor=ff0000|borderStyle=solid|bgColor=ffccccWarning: This issue is superceded by JRA-21004. Please install the patches on that issue, rather than this one. For more details, see JIRA Security Advisory -...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/12/23 2:27 a.m.•18 views

Randomised password not sent in email

When creating a user with password normally, the notification email to that new user will contain the password. However creating a new user and leave the password blank, JIRA randomly generates a password for that user, but the randomised password "is not sent" in the notification email to that...

Exploits0
Atlassian
Atlassian
•added 2009/11/02 4:19 a.m.•18 views

deleted page is still accessible in Confluence when accessing via viewpage.action?pageId in the url

Deleted pages can still be accessed in Confluence when one enters their pageId in the url. For example: noformat http://confluence.atlassian.com/pages/viewpage.action?pageId=196837485 http://confluence.atlassian.com/display/CONFKB/Office+Connector noformat The links above are referring to the sam...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/09/02 3:54 p.m.•18 views

"User Custom Field Value" permission type incorrectly exposes JIRA project names to everyone

Problem: Project names are shown to users with no permission to see the project. Impact: Security hole! Recipe: it helps to have two browsers open one logged in as admin the other as the user I will create called dummy Add user dummy Add project blah Add custom field myuser of type user picker,...

6.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/08/18 1:18 a.m.•18 views

XSS vulnerability can be exploited with the pagetree macro

Use the following markup: noformatpagetree:root=alert'12'noformat Whenever the page is viewed, the script will be executed...

1.6AI score
Exploits0
Atlassian
Atlassian
•added 2009/08/12 6:33 p.m.•18 views

Uploading large fonts for PDF export fails with XSRF error

When uploading souizhs.ttf font that we use due to its comprehensive UTF8 support, I'm getting XSRF validation error: quote Your request could not be processed because a required security token was not present in the request. You may need to re-submit the form or reload the page. quote I tried...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/07/31 3:0 a.m.•18 views

JIRA should trust itself by default.

Upgrade Seraph and Trusted apps to 2.0.1/2.1. If the CurrentApplication implements TrustedApplication then return it if it is asked for by id...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/07/31 3:0 a.m.•18 views

JIRA should trust itself by default.

Upgrade Seraph and Trusted apps to 2.0.1/2.1. If the CurrentApplication implements TrustedApplication then return it if it is asked for by id...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/06/18 6:38 a.m.•18 views

XSS vulnerability in space name when page move would create a duplicate

Create a space called alert"XSS"; Find a page named 'Home' in a different space Move this page, choosing the previously created space as the destination The move will fail due to the duplicate page name, and the script will be run...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/05/20 6:9 a.m.•18 views

Jiraissues add icon mapping configuration is susceptible to XSS

Combined with XSRF susceptibility via CONF-15753; you can craft an attack to get elevated privileges in Confluence. !http://img.skitch.com/20090520-x5gug8e8q5snabtmm2i2kdx1p.jpg!...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/04/09 1:34 a.m.•18 views

Update JIRA certificate for Screenshot Applet and others. It expires in June 2009

See https://extranet.atlassian.com/jira/browse/ADM-3253 Move Steves branch into trunk in the process. Also I think the build environment might need direct updating...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/03/19 4:15 p.m.•18 views

Latex Plugin-Cross-site Scripting Error

Our security group scanned the plugin below and found the following issue for the Latex Plugin: Number System/Location Defect Type Status R1 Latex Plugin Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies,...

Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/02/26 12:44 a.m.•18 views

Impropper sanitisation of attachment filenames allows header injection

An attacker can craft a specific attachment filename, or rename the file once it has been uploaded to introduce arbitrary headers into the response stream...

4.4AI score
Exploits0
Atlassian
Atlassian
•added 2009/02/20 12:41 a.m.•18 views

Redirect that works in 2.9 is broken in later Confluence versions

Adding a .jsp containing the following code will work in 2.9, but produces an exception in 2.10 when a parameter such as osdestination is supplied: code code Example URL: http://localhost:8080/confluence/login2.jsp?osdestination=%2Fdashboard.action Typical exception: quote...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/02/18 8:8 p.m.•18 views

Issue security based on workflow status

I would be great if permission types could be associated with workflow status. What we would like to do is limit the ability to edit an issue by the reporter to a specific workflow status. Using the issue security scheme is not possible since the reporter should always be allowed to view the issu...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2009/01/30 4:43 a.m.•18 views

XSS in the Widget Connector

I've been working with the widget connector today and reading through the code when I noticed that the media uris are not being handled securely. try this: widget:url=youtube.com/v="alert'xss' In general there is not a unified way to prevent issues like this in the widget extensions and it is up ...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/09/15 4:42 p.m.•18 views

XSS in pagetree plugin

The pagetree plugin is vulnerable for XSS injecting the code in the treeId field. Example below:...

6.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/09/04 1:18 a.m.•18 views

XSS in site search action

http://confluence.atlassian.com/dosearchsite.action?where=confall&queryString=%3Cscript%3Ealert'foo';%3C/script%3E queryString needs to be escaped. This problem is fixed if they turn on Anti-XSS mode. We still need to fix this as anti-xss is not on by default...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/08/29 6:36 p.m.•18 views

Pages that inherit page restrictions are not respecting those restrictions after upgrade to Confluence 2.9

Tested and verified in both customer enviornment and in test enviornment. In the event that you have a parent page restriction and a child page that inherits that restriction, upon upgrade, 2.9 will only respect the explicit parent permission in terms of security trims and actual access but not...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/08/25 10:33 a.m.•18 views

Hidden pages' content can be viewed without permission using diffpages.action

If the id of a page is known by a user, that user can view the content of the page without having permissions to the space it is in. They need only construct the right URL. EG: Two spaces A and B Page with id 1 is in Space A Page with id 2 is in Space B User cannot see Space A User can see Space ...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
•added 2008/08/19 5:10 a.m.•18 views

The TrustedApplicationsFilter doesn't work for /rpc/* URLs

The sessioninview filter doesn't cover rpc URLs I think because this meant that RPC actions didn't show up in the DB until the response what completely written This means that lazily loaded data returned by the HibernateTrustedApplicationDao causes problems when the TrustedApplicationsFilter trie...

0.6AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295