Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2013/08/05 9:55 p.m.17 views

Force password reset for all users

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-30236. panel Administrators should have an easy way to force users to change passwords in bulk format in emergencies. Has this...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/16 4:47 p.m.17 views

XSS Vulnerability in AAC - Atlassian ID Display Name is not HTML-encoded on user hover

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46719. panel Raised from https://extranet.atlassian.com/jira/browse/INTSYS-23426...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2013/06/20 2:9 p.m.17 views

Disallow multiple sessions for an account

It is currently possible to run several sessions under any account. Some customers prefer to restrict the number of sessions to one, or limit the session to the IP it has been initiated from...

3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/06/20 1:38 p.m.17 views

Turning off Anti-XSRF mode has no effect

Turning off Anti-XSRF protection for comments does not have the desired effect. Even if the setting is turned off adding comments is not possible, due to an XSRF warning...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/05/08 1:31 p.m.17 views

UI Redressing (Clickjacking)

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-29230. panel Confluence is vulnerable to Clickjacking|https://en.wikipedia.org/wiki/Clickjacking. That is, it is possible to...

Exploits0Affected Software1
Atlassian
Atlassian
added 2013/04/10 7:5 p.m.17 views

SSL Enabled but some link point to http:// instead of https://

This scenario will happen if enable both HTTP8090 and HTTPS8433 and 'Server Base Url' is set to HTTP. Reproduce procedures 1. Access confluence via HTTPS 2. Click menu 'Space' at the top menu 3. At 'Space Directory' page, click any of the menu at the left side eg. All spaces etc. then click link ...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/03/18 8:33 a.m.17 views

Activity stream not respecting parent page restrictions

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-28543. panel The Confluence Activity stream will display all pages that the user has access to according to the restrictions...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/02/15 4:53 p.m.17 views

Anonymous users can see page restriction data, exposing user ids and group names

If an user navigates to a page that has any kind of individual "editing" restriction but is of public view and then clicks on the padlock icon, he or she will see the Names, Uids of the users who are mentioned in the "edit" restriction or any groups part if the restriction. We think it is wrong t...

2AI score
Exploits0
Atlassian
Atlassian
added 2013/02/06 6:43 p.m.17 views

Large filter subscriptions can crash a JIRA instance with an OutOfMemoryError

h3. Summary JIRA has no 'rate limiting' or mail limit on filter subscriptions. This means using certain configurations will allow for a significant amount of mail to be created. As this mail is persisted in memory, it's possible to cause OutOfMemoryError's, even with a significant amount of heap...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/12/21 12:8 a.m.17 views

XSS bug in detail view epic name lozenge rendering

6.1 introduced an xss bug in the detail view, more specifically in the epic field that displays to which epic an issue belongs to...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/11/29 1:27 p.m.17 views

CreateSupportZipAction directory traversal

There’s a directory traversal vulnerability in the CreateSupportZipAction action that allows a malicious user to include arbitrary log files into a support zip. This is because the SupportUtility object is marked as @ParameterSafe, and no validation is performed on its serverLogsDirectory path...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/09/27 4:29 p.m.17 views

Accidental XSRF and DoS consumption-of-space issue

We experienced an unusual growth of our nonspaced attachments that appears to be a DoS vunerability both in an accidental way with a workaround and intentional not easily worked around. This is under Confluence 4.0, but appears to probably apply to 4.3.1 as well. It appears the growing nonspaced...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/09/18 3:36 p.m.17 views

rememberme cookie is not cleared when user changes password in Confluence

When a user changes their password, the seraph cookie is still valid. To avoid this, all entries for the changed user in the table remembermetoken should be removed...

1.7AI score
Exploits0
Atlassian
Atlassian
added 2012/09/10 12:19 p.m.17 views

Information disclosure in REST API

REST endpoints to search groups and to list issue resolutions allow anonymous/unauthenticated access. The former allows to enumerate all groups on a JIRA instance by sending multiple queries as results are limited by jira.ajax.autocomplete.limit. We've verified this on an instance without any...

0.3AI score
Exploits0
Atlassian
Atlassian
added 2012/09/03 2:4 a.m.17 views

Session expiry pages may echo password in clear text

The "session expiry" and "XSRF token missing" pages will echo any submitted values. This may result in echoing the submitted password to the page in plain text if triggered on the WebSudo authentication page. Modify the error pages sessionexpired.jsp and xsrfmissing.jsp so they don't echo...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 7:41 a.m.17 views

The csrf token cookie should be a 'secure' cookie like the sessionid cookie

That is that csrf token cookie 'csrftoken' should have the 'secure' attribute like the session cookie. In django 1.4 setting CSRFCOOKIESECURE to True in settings.py will fix this problem...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 5:34 a.m.17 views

ValidationHash generation should use random.SystemRandom instead of random class

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47146. panel ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a rando...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/03 7:8 a.m.17 views

XSS vulnerability in Office Connector plugin

From: OFFCONN-81: Using "office excel"-macro as part of viewfile, which is part of office connector plugin seems to open up the possibility to get injected with XSS-code. Steps to reproduce: 1. Create an excel-file with following content in one cell: code '"alert'XSS' code 2. Attach this file to ...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/05/13 12:43 p.m.17 views

persistent xss through svg file attachment download

The fix for CONF-22132 was not sufficient because "svg" files are not "said" to be xml by the isXml method. This means that is possible for a malicious party to upload a svg file containing html/javascript which will be rendered in victim's web browser. This bug should have been raised a while ag...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/04/19 4:31 a.m.17 views

admin/fixCaseInNotifications.jsp lacks an XSRF token to start 'notifications fix'

admin/fixCaseInNotifications.jsp does not require a csrf to start 'notifications fix'. When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF infrastructure in JSPs...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/04/19 1:22 a.m.17 views

admin/createMissingPersonalInfo.jsp lacks an XSRF token to trigger "build Personal Information objects"

admin/createMissingPersonalInfo.jsp doesn't require a csrf token to trigger "build Personal Information objects". When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF infrastructure in JSPs...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/04/11 4:24 p.m.17 views

deletion of a comment with a security setting sends a notification to all watchers and the history tab

As a non-atlassian developer, I saw a deletion notification for a comment that I was restricted from viewing. That seems like a security leak. It would be annoying if we're trying to hide discussion from certain users for them to see that the discussion is happening at all, it would raise questio...

0.8AI score
Exploits0
Atlassian
Atlassian
added 2012/03/26 4:53 a.m.17 views

Bamboo XML Vulnerability

We have identified and fixed a vulnerability in Bamboo that results from the way third-party XML parsers are used in Bamboo. This vulnerability allows an attacker to: Execute denial of service attacks against the Bamboo server, and Read all local files readable to the system user under which Bamb...

3.3AI score
Exploits0
Atlassian
Atlassian
added 2012/03/05 10:35 a.m.17 views

Direct access to issue via url discloses structure without authentication

If an issue is accessed via the direct url an error message discloses if the issue is existent or not - even when the use isn't logged-in. In contrast, an existing issue redirects to the login form. This knowledge may open an attack vector on private Jira instances that require authentication...

2.8AI score
Exploits0
Atlassian
Atlassian
added 2012/02/08 4:27 a.m.17 views

RSS feed over entire site gives information on restricted pages the user should not see

A customer has reported this issue via a comment on the documentation: http://confluence.atlassian.com/display/DOC/Working+with+RSS+Feeds?focusedCommentId=276627497comment-276627497 quote When someone has an RSS feed covering the whole Confluence instance, he is informed about changes in restrict...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/11/28 10:5 a.m.17 views

Do not show registered users in quick search to anonymous users

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-23985. panel Registered users appears in quick search, even when it's a search made by anonymous...

3.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/10/26 2:8 a.m.17 views

XSS vulnerability in /agent/viewAgent.action resource

We have identified and fixed a reflected cross-site scripting XSS vulnerability in the Bamboo viewAgent.action resource. This issue is reported in our security advisory on this page: https://confluence.atlassian.com/x/rQP5FQ You can read more about XSS attacks at:...

Exploits0Affected Software1
Atlassian
Atlassian
added 2011/08/22 6:19 a.m.17 views

make space admin able to see restricted pages in his own space

This is a request to make space admins able to see the content of restricted pages in their own spaces. Currently only confluence-administrators can do that...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/07/14 1:8 p.m.17 views

Enumeration of usernames possible in Jira

We found enumeration of usernames to be possible in Jira 4.3.4 despite the login failure message not revealing whether it was the username or password that was incorrect. After 3 failed login attempts a captcha appears only if the user exists, otherwise not. This allows an attacker to enumerate t...

2.3AI score
Exploits0
Atlassian
Atlassian
added 2011/07/01 10:40 a.m.17 views

Web Sudo should be able to be subverted for non browsers (eg scripts) via a HTTP header

We do this for XSRF protection. Basically you should be able to subvert the web sudo mechanism via a HTTP header. This posts shows the use case https://answers.atlassian.com/questions/1273/jira-jelly-runner-via-cron-in-v4-3-4 I believe it just as secure since web sudo is really design to stop som...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/06/14 10:6 p.m.17 views

Implement security sanitization of RSS feeds and other included content

A great improvement for RSS macros would be to implement "cleansing" or "sanitization" of external RSS feeds. This may be something that is configured at the admin level or in the macro level -- I'd prefer it to be a global admin requirement. Having externally linked content is a security risk, a...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/06/14 10:6 p.m.17 views

Implement security sanitization of RSS feeds and other included content

A great improvement for RSS macros would be to implement "cleansing" or "sanitization" of external RSS feeds. This may be something that is configured at the admin level or in the macro level -- I'd prefer it to be a global admin requirement. Having externally linked content is a security risk, a...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/06/07 12:52 a.m.17 views

XSS Vulnerability in Issue Links and Labels

We have identified and fixed a number of cross-site scripting XSS vulnerabilities in JIRA issue links and labels. Affected versions are 4.2.x to 4.3.x XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a JIRA page. You can read more about XSS attacks at various...

Exploits0Affected Software1
Atlassian
Atlassian
added 2011/05/23 6:44 a.m.17 views

XSRF vulnerability in the Social Bookmarking plugin

We have identified and fixed a cross-site request forgery XSRF vulnerability which may affect Confluence instances in a public environment. The XSRF vulnerability is exposed in the Confluence Social Bookmarking plugin. Note that the Social Bookmarking plugin is disabled by default. If you do not...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/05/23 6:44 a.m.17 views

XSRF vulnerability in the Social Bookmarking plugin

We have identified and fixed a cross-site request forgery XSRF vulnerability which may affect Confluence instances in a public environment. The XSRF vulnerability is exposed in the Confluence Social Bookmarking plugin. Note that the Social Bookmarking plugin is disabled by default. If you do not...

0.1AI score
Exploits0
Atlassian
Atlassian
added 2011/03/23 2:52 a.m.17 views

Profile picture thumbnail generation can consume unlimited amount of memory

Discovered a Studio customer, you can upload a very large profile picture to expose the same problem as CONF-21480, just in a different area of the application. We should limit the size of images we're willing to load into memory to avoid this problem with user pictures...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/02/03 11:20 p.m.17 views

XSS vulnerability in the action links of Confluence's attachments lists.

We have identified and fixed a cross-site scripting XSS vulnerability in the action links of Confluence's attachments lists. All versions from 2.7 to 3.4.7 are affected. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/01/03 4:39 p.m.17 views

Admin menu items displayed to non-admins when accessing "Global Templates" page

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-21562. panel When accessing the "Global Templates" menu as a non-admin, the navigation controls for the administration panel ar...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/12/30 3:6 a.m.17 views

Add warning to Shared Dashboards explaining consequence of 'everyone'

In JRA-22207, a warning was added to the "Shared Filters" page explaining what "Everyone" actually means. The "Shared Dashboards" screen also needs this warning. Please also search in the code for anywhere else this permissions-setting control is used...

1.3AI score
Exploits0
Atlassian
Atlassian
added 2010/12/02 11:0 p.m.17 views

XSS vulnerability in Bookmarks macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence bookmarks macro. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at various places on the web, including these:...

Exploits0
Atlassian
Atlassian
added 2010/11/25 11:42 p.m.17 views

Implement salting of user passwords

Salting and Hashing of user passwords will require us to provide an upgrade path for users since all existing passwords will become invalid. This change should use the atlassian-security password encode library SEC-1...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/11/05 5:10 a.m.17 views

XSS in filter.subscription.prefix.monthDay parameter of /secure/FilterSubscription.jspa

http://172.16.230.130:8080/secure/FilterSubscription.jspa?filter.subscription.prefix.interval=180&groupName=jira-users&filter.subscription.prefix.runFromMins=00&nextRun=&filter.subscription.prefix.runToMins=00&filter.subscription.prefix.runToMeridian=pm&filter.subscription.prefix.week=2&filter.su...

0.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/10/26 2:11 a.m.17 views

Intermittent Session Lost During Add/Edit Page in Firefox

We customized Seraph to integrate with our SSO Server. Seraph will perform session validation through cookies. When using firefox, we found that in 1 out of 5 to 8 times when we edit a page or add a new page, we will lose our session and be directed back to the login page. This does not happen in...

0.5AI score
Exploits0
Atlassian
Atlassian
added 2010/10/10 8:4 p.m.17 views

Google Chrome shows mixed content warning

Hello, when JIRA is requested via https with Google Chrome 6.0.472.63 on all URLs of JIRA https is in red, crossed out and a padlock with red cross is shown with this description: "Your connection is encrypted with 128-bit encryption. However, this page includes other resources which are not...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2010/10/05 5:37 a.m.17 views

XSS vulnerability in Office Connector

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence Office Connector. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/09/22 6:18 p.m.17 views

Page view restriction is not inheriting to child pages in some spaces

When a new page is created using the create-page macro the child page does not have restrictions inherited. This is only happening for a few spaces. If I try the same macro in another space it will work fine. I have rebuilt the ancestors table but this issue is still happening. Please advise...

2.3AI score
Exploits0
Atlassian
Atlassian
added 2010/08/25 1:48 a.m.17 views

Confluence should not allow configuration of Office Connector temporary storage location

Earlier versions of Confluence allow the administrator to set the temporary storage location for the View File macro, part of the Office Connector. Provided an attacker has gained administrative access to the system in some way, they could then exploit this vulnerability to save malicious files...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/08/18 6:38 a.m.17 views

websudo annotation backwards compatibility (Confluence 3.3)

Following this guide|http://confluence.atlassian.com/pages/viewpage.action?pageId=219021702, I started to use the websudo annotations to secure an XWork action that would process a form in the space admin tab. The plugin is meant to work with Confluence 3.3 and I haven't released a public version...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/05/26 3:3 a.m.17 views

XSS in mailpage plugin

XSS vulnerability has been reported against the mailpage plugin. It allows an attacker to execute arbitrary javascript. A new version of the issue has been released that fixes this problem...

4.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/05/11 11:35 p.m.17 views

500page.jsp Improvements

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-19601. panel Some further improvements to the 500page.jsp: The following should not appear if there is no stack trace: quote Cau...

1.1AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295