4295 matches found
XXE (XML External Entity Injection) in Jira Service Management Data Center and Server
This High severity XXE XML External Entity Injection vulnerability was introduced in version 11.2.0 of Jira Service Management Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...
XXE (XML External Entity Injection) in Jira Software Data Center and Server
This High severity XXE XML External Entity Injection vulnerability was introduced in versions 9.12.27, 10.3.10, 11.0.1, and 11.1.1 of Jira Software Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 8.4 and a CVSS Vector of...
Cryptographic Failure Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-24771
This High severity vulnerability known as CVE-2022-24771 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CV...
SSRF (Server-Side Request Forgery) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-22259
This High severity vulnerability known as CVE-2024-22259 was introduced in 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.3.4, 8.4.0, 8.4.1, 8.4.2, 8.4.3, 8.4.4, 8.5.0, 8.5.1, 8.5.2, 8.5.3, 8.5.4, 8.6.0, 8.6.1, 8.6.2, 8.6.3, 8.6.4, 8.7.0, 8.7.1, 8.7.2, 8.7.3, 8.7.4, 8.8.0, 8.8.1, 8.8.2, 8.8.3, 8.8.4, 8.8.5, 8.9.0...
SSRF (Server-Side Request Forgery) Third-Party Dependency in Confluence Data Center and Server - CVE-2023-42282
This is a critical vulnerability in a non-Atlassian Confluence dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory. This Critical...
Prototype Pollution Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-46175
This High severity vulnerability known as CVE-2022-46175 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.1 and a CV...
Broken Authentication Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-22228
This High severity vulnerability known as CVE-2025-22228 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 9.4.0, 8.19.12, 8.19.13, 9.4.1, 9.4.2, 8.19.14, 9.4.3, 8.19.15, 8.19.16, 9.4.4, 8.19.17, 9.4.5, 8.19.18, 9.4.6 of Bitbucket...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2021-3803
This High severity vulnerability known as CVE-2021-3803 was introduced in 1.0.2, 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 an...
DoS (Denial of Service) Third-Party Dependency in Confluence Data Center and Server - CVE-2024-45296
This High severity vulnerability known as CVE-2024-45296 was introduced in 7.19.0, 8.5.0, 8.6.0, 8.8.0, 8.7.1, 8.9.0, 9.1.0, 9.0.1, 9.2.0, 9.3.1 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
Path Traversal Third-Party Dependency in Confluence Data Center and Server - CVE-2025-48387
This High severity vulnerability known as CVE-2025-48387 was introduced in 7.19.0, 8.5.0, 8.6.0, 8.8.0, 8.7.1, 8.9.0, 9.1.0, 9.0.1, 9.4.0, 9.2.3 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 8.7 and a CVSS Vector of...
DoS (Denial of Service) Third-Party Dependency in Confluence Data Center and Server - CVE-2024-37890
This High severity vulnerability known as CVE-2024-37890 was introduced in 3.3.3, 9.4.0, 9.2.3 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Atlassian recommends that Confluence Data Center and...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2021-3807
This vulnerability affects certain versions of Atlassian Bitbucket Data Center and Server. Please describe the impact of the vulnerability here. No known vulnerability could be read off of the parent...
DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.12.0, 10.3.0, 10.7.1, and 11.0.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 8.19.0, 9.4.0, and 9.6.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
DoS (Denial of Service) Third-Party Dependency in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.12.0, 10.3.0, 10.6.0, 10.7.1, and 11.0.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) Third-Party Dependency in Jira Software Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.3.0, and 10.7.1 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
BASM (Broken Authentication & Session Management) org.springframework.security:spring-security-crypto Dependency in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.12.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0 and 10.7.0 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...
Third-Party Dependency in Bamboo Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 10.2.4 and 11.0.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows an unauthenticated...
BASM (Broken Authentication & Session Management) org.springframework.security:spring-security-crypto Dependency in Jira Software Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.3.0, 10.4.0, 10.5.0, and 10.6.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...
RCE (Remote Code Execution) com.typesafe.akka:akka-actor_2.11 Dependency in Crowd Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H allows an unauthenticat...
Improper Authorization Third-Party Dependency in Confluence Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in version 7.13 of Confluence Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attacker to...
DoS (Denial of Service) io.netty:netty-handler Dependency in Jira Software Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.11.3, 9.12.0, 9.13.0, 9.14.0, 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7....
Memory leak while accessing <base-url>label/<labelname> (label search) on objects created in io.micrometer.core.instrument.ImmutableTag
h3. Issue Summary Memory leak while accessing label/ label search on objects created in io.micrometer.core.instrument.ImmutableTag This is reproducible on the Data Center: yes h3. Steps to Reproduce Use the following script to search randomly for labels code:java while : do curl...
Tomcat version information disclosed when calling REST endpoints
h3. Issue Summary When accessing the REST API endpoints as an unauthenticated user an error page is displayed and this page contains the version information for Tomcat. This is a security concern and should not be disclosed. h3. Steps to Reproduce As an unauthenticated user access the following...
Captcha not checked for page creation
Steps to reproduce: Turn on Captcha from Configuration - Spam Prevention Select "No one everyone will see captchas" and save Create a page should see the captcha Publish the page without entering the captcha Expected: Publish is not allowed Actual: Page is published...
HTTP security headers are not present for app's servlet but are sent on regular Confluence page
h3. Summary When creating a servlet in a plugin/app, and accessing the servlet in the browser, you notice that security headers are not included: !Screenshot 2018-11-06 at 15.34.38.png|thumbnail! Unlike when accessing a Confluence Page: !Screenshot 2018-11-06 at 15.34.15.png|thumbnail! Notice the...
XSS Vulnerability in wiki markup
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-51825. panel Luke Jahnke of the Australia Post Digital Mailbox Security Team reported to Atlassian an XSS in nesting various...
JIRA Server can be DOSed through a specific error page resource.
JIRA had a specific error page resource that when repeatedly accessed could result in more memory being used eventually resulting in java running out of heap space...
XSS in pull request inbox
A potential XSS issue was identified in the pull request inbox, and has been fixed in Bitbucket Server 4.12.1...
Permission issues with projects and reviews
There are 2 issues related to permission schema. They were grouped together into a single issue, marked with a security label. h4. Issue 1 User visited in the past Project A. Also he has visited a review raised in Project A. FeCru allows him to access those recent items using the menu on top...
Security Issue with multimedia playback on Mac OSX
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-41124. panel Currently your multimedia playback method uses an older and insecure method. I had to reinstate old plugins to make...
Customer can see Internal Comment created by Automation Action
h5. Environment - run JIRA from atlas-debug - JIRA 7.0.5 - JIRA Service Desk 3.0.5 h5. Steps to reproduce Create Service Desk project go to Administration - Automation tab click New rule - Custom rule add Trigger Issue Created add Action Add comment put some Comment text and select Internal as...
One Crucible admin can get access to repository password provided by another admin
It was possible to retrieve the repository passwords provided by another administrator via web browser session. It was fixed now, so password can still be changed or unset if necessary, but it is not possible to read its contents...
Check CSRF security in watch/unwatch action
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-39719. panel Check CSRF security in watch/unwatch action...
Active Directory/LDAP credentials stored in database in cleartext
We use an Active Directory server for authenticating our JIRA users, and a MySQL server for storing our JIRA data. We were extremely alarmed to discover that the username and password used for accessing the AD server are stored in cleartext in the MySQL database. Anyone who is able to compromise...
"JIRA Project Releases" event should respect Project's permissions
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-48963. panel Adding "JIRA Project Releases" event type to the Team calendar seems to NOT respect permissions from the project. I...
Users with only View Space permission are able to edit Space Questions
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46923. panel h2. Problem Summary Users are able to edit any Space Questions as long as they have View permissions for that space...
Users with only View Space permission are able to edit Space Questions
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-46923. panel h2. Problem Summary Users are able to edit any Space Questions as long as they have View permissions for that spac...
Drop SSlv3 retry and copied CustomSSLProtocolSocketFactory.java from SAL
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-36250. panel The fix for CONF-24035 introduced a retry with SSLv3 if a connection fails. However, like workaround implemented in...
Ability to encryption Confluence's notification emails.
Confluence is growing fast as well as security. It would be great if we were capable to configure Confluence to encrypt the notification...
XSS in page editor via Shortcut links
Steps to reproduce: 1. add new shortcuts with default alias like "". 2. by typing searchterms@aliasname in page editor you can trigger XSS By replacing existing shortcut with malicious one, we can easily exploit multiple users using this functionality...
Add global option "Enable group <anyone>"
As mentioned in JRA-18076 and JRA-23255, the predefined group anyone poses security risks in many cases as it exposes projects to unauthenticated users. I tend to think that in 90% of Jira instances that group has no use and is just a security risk dangling over our heads. I would suggest an opti...
Forgotten password features leaks information to the user that could be used to gain unauthorised access to Confluence
Using the forgotten password feature in Confluence it is possible to find out which email addresses are stored in the system from the responses given from the form when submitted. These responses need to be made generic so that it is not possible to tell which email addresses are or are not store...
"Issue Does Not Exist" page leaks information to non-logged in users
Trying to open a URL for an issue that does not exist shows the "Issue Does Not Exist" error page, even if you are logged out and the project is not publicly viewable. In contrast, trying to open the URL for valid issue will prompt the user to login. In this way, an unprivileged user can learn...
XSS using WebFragmentBuilder for WebItemProvider
The label is not escaped properly when using WebFragmentBuilder to generate links for JIRA's nav dropdown. This only happens when is not present in the relevant WebSection...
Can't push subtree
As requested in answer to my stackoverflow http://stackoverflow.com/questions/24637748/cant-push-subtree-using-sourcetree post I'm posting this potential bug here. Using a basic schema for git subtree I created 2 repository on Github: "project" and "framework" and made the followings: - Clone...
prevent crashing when running out of database connections
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-33522. panel One common total crash for Confluence is when it does run out of database connection. Any reliable web application...
Restrictions do not apply in calendar macro
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-49762. panel Team Calendar restrictions do not apply if the calendar is in a Calendar Macro withing a Confluence page. +Repro...
Processing malformed PNG by incoming mail handler causes OOM and blocks queue
There are two problems: 1. OOM 2. Incoming email processing is blocked Looks like this is similar problem to JRA-35816, fixed in atlassian-core, but mail handler does not use atlassian-core. It affects production OnDemand, all instances. codejava.lang.OutOfMemoryError: Java heap space Dumping hea...
Improve filter behaviour: auto-complete should not give away field values
panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-36881. panel h4. Context When using JQL with auto-complete switched on, searching for fields will always list global values. For instance,...