Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2016/01/20 12:46 p.m.16 views

Customer can see Internal Comment created by Automation Action

h5. Environment - run JIRA from atlas-debug - JIRA 7.0.5 - JIRA Service Desk 3.0.5 h5. Steps to reproduce Create Service Desk project go to Administration - Automation tab click New rule - Custom rule add Trigger Issue Created add Action Add comment put some Comment text and select Internal as...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/01/07 11:26 a.m.16 views

One Crucible admin can get access to repository password provided by another admin

It was possible to retrieve the repository passwords provided by another administrator via web browser session. It was fixed now, so password can still be changed or unset if necessary, but it is not possible to read its contents...

3.6AI score
Exploits0
Atlassian
Atlassian
added 2015/10/29 7:54 a.m.16 views

Check CSRF security in watch/unwatch action

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-39719. panel Check CSRF security in watch/unwatch action...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/10/02 9:6 a.m.16 views

Active Directory/LDAP credentials stored in database in cleartext

We use an Active Directory server for authenticating our JIRA users, and a MySQL server for storing our JIRA data. We were extremely alarmed to discover that the username and password used for accessing the AD server are stored in cleartext in the MySQL database. Anyone who is able to compromise...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/06/08 11:4 a.m.16 views

"JIRA Project Releases" event should respect Project's permissions

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-48963. panel Adding "JIRA Project Releases" event type to the Team calendar seems to NOT respect permissions from the project. I...

0.9AI score
Exploits0
Atlassian
Atlassian
added 2015/06/03 7:44 p.m.16 views

Users with only View Space permission are able to edit Space Questions

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46923. panel h2. Problem Summary Users are able to edit any Space Questions as long as they have View permissions for that space...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/01/23 5:27 a.m.16 views

Drop SSlv3 retry and copied CustomSSLProtocolSocketFactory.java from SAL

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-36250. panel The fix for CONF-24035 introduced a retry with SSLv3 if a connection fails. However, like workaround implemented in...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/01/14 11:25 a.m.16 views

Disable SSLv3 in outgoing HTTPS connections from Confluence

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-36165. panel SSLv3 is an old protocol and has been superseded by TLSv1.0, TLSv1.1 and TLSv1.2. TLSv1.0 was first defined in...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/12/22 5:19 p.m.16 views

Ability to encryption Confluence's notification emails.

Confluence is growing fast as well as security. It would be great if we were capable to configure Confluence to encrypt the notification...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/10/20 8:42 p.m.16 views

XSS in page editor via Shortcut links

Steps to reproduce: 1. add new shortcuts with default alias like "". 2. by typing searchterms@aliasname in page editor you can trigger XSS By replacing existing shortcut with malicious one, we can easily exploit multiple users using this functionality...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/10/14 3:23 a.m.16 views

Mail sever configuration page sends mail server password back in the html

The mail server configuration page fills in the current mail server password in the html and it should not. Instead a place-holder value should be used instead of the current password value and if the place-holder value is submitted in a request then the mail server password is not updated...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/09/11 5:28 p.m.16 views

Add global option "Enable group <anyone>"

As mentioned in JRA-18076 and JRA-23255, the predefined group anyone poses security risks in many cases as it exposes projects to unauthenticated users. I tend to think that in 90% of Jira instances that group has no use and is just a security risk dangling over our heads. I would suggest an opti...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/08/26 11:32 p.m.16 views

Forgotten password features leaks information to the user that could be used to gain unauthorised access to Confluence

Using the forgotten password feature in Confluence it is possible to find out which email addresses are stored in the system from the responses given from the form when submitted. These responses need to be made generic so that it is not possible to tell which email addresses are or are not store...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/08/15 11:35 p.m.16 views

"Issue Does Not Exist" page leaks information to non-logged in users

Trying to open a URL for an issue that does not exist shows the "Issue Does Not Exist" error page, even if you are logged out and the project is not publicly viewable. In contrast, trying to open the URL for valid issue will prompt the user to login. In this way, an unprivileged user can learn...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/08/06 11:30 p.m.16 views

Stored XSS Vulnerability found on Atlassian

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-47027. panel Hi ! I am writing this email to let you know of a Stored XSS Vulnerability that i found on atlassian.com . You wil...

5.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/07/28 4:26 a.m.16 views

Content injection caused by failing to encode the url

The exampleURLPrefix variable given to the single-xml-header.vm|https://stash.atlassian.com/projects/JIRA/repos/jira/browse/jira-components/jira-core/src/main/resources/templates/plugins/issueviews/single-xml-header.vm11 or...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/07/25 7:30 a.m.16 views

XSS using WebFragmentBuilder for WebItemProvider

The label is not escaped properly when using WebFragmentBuilder to generate links for JIRA's nav dropdown. This only happens when is not present in the relevant WebSection...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/07/08 8:1 p.m.16 views

Can't push subtree

As requested in answer to my stackoverflow http://stackoverflow.com/questions/24637748/cant-push-subtree-using-sourcetree post I'm posting this potential bug here. Using a basic schema for git subtree I created 2 repository on Github: "project" and "framework" and made the followings: - Clone...

7.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/05/02 3:20 p.m.16 views

prevent crashing when running out of database connections

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-33522. panel One common total crash for Confluence is when it does run out of database connection. Any reliable web application...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/05/01 11:6 a.m.16 views

Restrictions do not apply in calendar macro

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-49762. panel Team Calendar restrictions do not apply if the calendar is in a Calendar Macro withing a Confluence page. +Repro...

1.9AI score
Exploits0
Atlassian
Atlassian
added 2014/04/25 7:23 a.m.16 views

Processing malformed PNG by incoming mail handler causes OOM and blocks queue

There are two problems: 1. OOM 2. Incoming email processing is blocked Looks like this is similar problem to JRA-35816, fixed in atlassian-core, but mail handler does not use atlassian-core. It affects production OnDemand, all instances. codejava.lang.OutOfMemoryError: Java heap space Dumping hea...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/02/06 9:27 a.m.16 views

Improve filter behaviour: auto-complete should not give away field values

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-36881. panel h4. Context When using JQL with auto-complete switched on, searching for fields will always list global values. For instance,...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/01/01 11:26 p.m.16 views

Content with inherited restrictions still appears in search results

I don't know the full story here but there have been numerous reports on EAC now of cases where clicking on a search result gives a 'Not permitted' response. Further investigation by an admin will show that in these cases a parent or grandparent has viewing restrictions applied. It would appear...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/12/09 4:14 a.m.16 views

DOM XSS in dhtmlHistory.js when using IE

In the createIE function inside dhtmlHistory.js|https://stash.atlassian.com/projects/JIRA/repos/jira/browse/jira-components/jira-webapp/src/main/webapp/includes/lib/dhtmlhistory/dhtmlHistory.js333 the value of the fragment identifier, is concatenated to create the html of an iframe without first...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/10/17 4:58 a.m.16 views

Miscellaneous actions are vulnerable to CSRF

This issue is to track the following subset of actions from CONF-27690: StartClusterAction, execute ExternalUserConnectivityAction, execute HandleNameConflictsAction, execute FlushIndexQueueAction, execute ContentRemigrationAction, execute...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/10/01 11:4 a.m.16 views

User lister action has no cross-site request forgery (XSRF) protection

Confluence allows an administrator to configure the groups which will not be allowed for member listing by the userlister macro. The doconfigure action that implements this functionality is vulnerable to cross-site request forgery XSRF. An attacker who exploited this vulnerability could cause the...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/16 5:41 a.m.16 views

Arbitrary file or URL download in ExportWordPageServer

To reproduce: 1. Create a new page. 2. Insert an image with URL: code:none file:///etc/passwd code Edit the page, click +, click Image, select the From the Web tab, enter the file: URL shown above, click Insert, click Save. The image appears invisible on some browsers, but you can verify its...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/02 7:10 a.m.16 views

'self' xss reported in a question's moderate

We have received an external report of a dom xss in the moderation code for a question on answers.atlassian.com. quote 1 DOM XSS Go to https://answers.atlassian.com/ Prepare an question ,after savin it go to the question ,there is an option of "Moderate" ,click it ,there is an option to "Create...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/08/05 9:55 p.m.16 views

Force password reset for all users

Administrators should have an easy way to force users to change passwords in bulk format in emergencies. Has this been discussed as a possible feature? Are there drawbacks to having a mass password reset force in administration? Would setting password expiration to 1 day expire all passwords in 2...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/28 1:59 a.m.16 views

XSS Vulnerability - delete filter confirmation

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-34074. panel Similar to JRA-31564, an XSS bug exists in the delete filter success screen. Steps to reproduce: 1. Search for issues. 2. Choose...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/28 1:59 a.m.16 views

XSS Vulnerability - delete filter confirmation

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-34074. panel Similar to JRA-31564, an XSS bug exists in the delete filter success screen. Steps to reproduce: 1. Search for issues. 2. Choose...

0.7AI score
Exploits0
Atlassian
Atlassian
added 2013/07/26 3:5 a.m.16 views

XSS vulnerabilities in Atlassian Answers

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-47042. panel Some users seem to try XSS attack on Atlassian Answers. How to replicate is the following steps. Go to the top pag...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/06/20 2:9 p.m.16 views

Disallow multiple sessions for an account

It is currently possible to run several sessions under any account. Some customers prefer to restrict the number of sessions to one, or limit the session to the IP it has been initiated from...

3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/06/20 1:38 p.m.16 views

Turning off Anti-XSRF mode has no effect

Turning off Anti-XSRF protection for comments does not have the desired effect. Even if the setting is turned off adding comments is not possible, due to an XSRF warning...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/05/08 1:5 p.m.16 views

Several XSS flaws in the /rest/tinymce/1

I've found several XSS in the urls and parameters listed below. The criticality of the issues is moderated since only browsers that perform content sniffing would be affected e.g. IE7. This limitation comes from the response's Content Type header being set as text/plain. The classical payload...

0.9AI score
Exploits0
Atlassian
Atlassian
added 2013/04/15 3:54 a.m.16 views

External image sources can trigger a basic authentication dialogue

When an external resourcee.g. http://foo.com/image.jpeg is used as the source of an image tag, if the external resource returns a 401 response code and sets a WWW-Authenticate header then the browsers standard 'Basic authentication' dialogue will pop up within on the confluence page. While this i...

2.2AI score
Exploits0
Atlassian
Atlassian
added 2013/03/21 12:48 a.m.16 views

Restrict access to personal pages and directory

We need to restrict access to personal pages and the directory. At present, there doesn't seem to be any way to do this. We have some guest accounts that we want to share a particular space with but unfortunately, we can not do that as all of the content in personal spaces and our directory are...

3.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/01/10 4:9 p.m.16 views

Customized variables whose values are hidden passwords are unmasked revealing the password in the build summary

Step to replicate Create two variables passworder and Passworder notice p with caps Run a customize build overridden the contents of the field While the fields remains hidden in the metadata as expected, the variable with capital P has it values revealed in the build summary see screenshot...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/11/29 12:33 p.m.16 views

Fix XSS vulnerabilities in managereferrers.vm and importword.vm

Scope of this issue is to address two specific XSS vulnerabilies. The scope of fixing i18n parameters is tracked elsewhere|https://jira.atlassian.com/browse/CONF-15548. Please see the comment below for...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/10/04 5:33 a.m.16 views

Potential persistent xss in fixCaseInNotifications.jsp

There is a difficult to exploit XSS in fixCaseInNotifications.jsp. We could not get it to trigger, but there are some scenarios where unescaped data can be displayed through fix method correctName, userNameToFix. The relevant code is as follows: code NotificationCaseFixer caseFixer = new...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2012/09/07 4:57 a.m.16 views

The application should return caching directives instructing browsers not to store local copies of any sensitive data.

We want to control the server's caching directives from within individual scripts. We have identified following locations, where we can provide HTTP headers 'Cache-control: no-store' and 'Pragma: no-cache'. Please provide these response headers to the following identified locations and to all oth...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/08/27 4:6 p.m.16 views

Session ID and remember me cookie should expire when LDAP user password is changed

Steps to reproduce Login as a normal Confluence user In another browser or in incognito mode, login as system administrator Go to Confluence Admin Manage Users and click on the user Click Set Password and set a different password for this user Refresh the page and the user can still access the pa...

1.2AI score
Exploits0
Atlassian
Atlassian
added 2012/07/31 9:7 a.m.16 views

ldap injection in the custom atlassian authentication code

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47275. panel The custom atlassian ldap authentication code is vulnerable to ldap injection. The method which is vulnerable to ld...

8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 7:41 a.m.16 views

The csrf token cookie should be a 'secure' cookie like the sessionid cookie

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46613. panel That is that csrf token cookie 'csrftoken' should have the 'secure' attribute like the session cookie. In django 1....

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 5:34 a.m.16 views

ValidationHash generation should use random.SystemRandom instead of random class

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47146. panel ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a rando...

0.1AI score
Exploits0
Atlassian
Atlassian
added 2012/07/27 1:56 a.m.16 views

Potential remote code execution due to embedding of old django-piston

The exposed atlassian api for forummodules found under forummodules/atlassian/api uses an outdated version of django-piston which does not contain the fix for a remote code execution bug due to the use of yaml.load instead of safeload in the emitters.py python scripton line 412. Whilst it appears...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/05/21 7:54 a.m.16 views

persistent xss through flash swf file attachment download

It is possible to upload a flash swf file which when the attachment 'download' url is visited the flash swf file is executed in the browser and as such can use ExternalInterface.call method to inject javascript defined in the swf file into the browser...

2.4AI score
Exploits0
Atlassian
Atlassian
added 2012/05/07 6:55 a.m.16 views

The "user" Dark Features page is vulnerable to XSRF/csrf

The "User Dark Features" page located at $host/secure/ViewProfile.jspa?selectedTab=jira.user.profile.panels:up-darkfeatures-panel allows users to add dark features which only affect themselves. However, it is not protected against XSRF attacks. Note: the 'value' of dark features is not properly...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/05/06 11:36 p.m.16 views

OauthApplinksServlet Open Redirect

The OauthApplinksServlet servlet has an open redirect vulnerability in the doGet that will allow phishers to lure users away from legitimate JIRA hosted sites. An open redirect vulnerability is caused by an attacker having control over a request parameter that hasn’t been validated before redirec...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/04/26 4:54 p.m.16 views

'/users/userpicker.action' exposes users loginids and full names in instance with anonymous access enabled

quote LDAP directory users and groups exposed via the /users/userpicker.action. There should be an option to restrict this to authenticated users only and perhaps this should be the default behavior. quote quote The second exposed function that is part of this vulnerability is...

3.2AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295