Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2014/05/01 11:6 a.m.16 views

Restrictions do not apply in calendar macro

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-49762. panel Team Calendar restrictions do not apply if the calendar is in a Calendar Macro withing a Confluence page. +Repro...

1.9AI score
Exploits0
Atlassian
Atlassian
added 2014/04/25 7:23 a.m.16 views

Processing malformed PNG by incoming mail handler causes OOM and blocks queue

There are two problems: 1. OOM 2. Incoming email processing is blocked Looks like this is similar problem to JRA-35816, fixed in atlassian-core, but mail handler does not use atlassian-core. It affects production OnDemand, all instances. codejava.lang.OutOfMemoryError: Java heap space Dumping hea...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/02/06 9:27 a.m.16 views

Improve filter behaviour: auto-complete should not give away field values

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-36881. panel h4. Context When using JQL with auto-complete switched on, searching for fields will always list global values. For instance,...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/01/01 11:26 p.m.16 views

Content with inherited restrictions still appears in search results

I don't know the full story here but there have been numerous reports on EAC now of cases where clicking on a search result gives a 'Not permitted' response. Further investigation by an admin will show that in these cases a parent or grandparent has viewing restrictions applied. It would appear...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/12/09 4:14 a.m.16 views

DOM XSS in dhtmlHistory.js when using IE

In the createIE function inside dhtmlHistory.js|https://stash.atlassian.com/projects/JIRA/repos/jira/browse/jira-components/jira-webapp/src/main/webapp/includes/lib/dhtmlhistory/dhtmlHistory.js333 the value of the fragment identifier, is concatenated to create the html of an iframe without first...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/10/17 4:58 a.m.16 views

Miscellaneous actions are vulnerable to CSRF

This issue is to track the following subset of actions from CONF-27690: StartClusterAction, execute ExternalUserConnectivityAction, execute HandleNameConflictsAction, execute FlushIndexQueueAction, execute ContentRemigrationAction, execute...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/10/01 11:4 a.m.16 views

User lister action has no cross-site request forgery (XSRF) protection

Confluence allows an administrator to configure the groups which will not be allowed for member listing by the userlister macro. The doconfigure action that implements this functionality is vulnerable to cross-site request forgery XSRF. An attacker who exploited this vulnerability could cause the...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/16 5:41 a.m.16 views

Arbitrary file or URL download in ExportWordPageServer

To reproduce: 1. Create a new page. 2. Insert an image with URL: code:none file:///etc/passwd code Edit the page, click +, click Image, select the From the Web tab, enter the file: URL shown above, click Insert, click Save. The image appears invisible on some browsers, but you can verify its...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/02 7:10 a.m.16 views

'self' xss reported in a question's moderate

We have received an external report of a dom xss in the moderation code for a question on answers.atlassian.com. quote 1 DOM XSS Go to https://answers.atlassian.com/ Prepare an question ,after savin it go to the question ,there is an option of "Moderate" ,click it ,there is an option to "Create...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/08/05 9:55 p.m.16 views

Force password reset for all users

Administrators should have an easy way to force users to change passwords in bulk format in emergencies. Has this been discussed as a possible feature? Are there drawbacks to having a mass password reset force in administration? Would setting password expiration to 1 day expire all passwords in 2...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/28 1:59 a.m.16 views

XSS Vulnerability - delete filter confirmation

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-34074. panel Similar to JRA-31564, an XSS bug exists in the delete filter success screen. Steps to reproduce: 1. Search for issues. 2. Choose...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/28 1:59 a.m.16 views

XSS Vulnerability - delete filter confirmation

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-34074. panel Similar to JRA-31564, an XSS bug exists in the delete filter success screen. Steps to reproduce: 1. Search for issues. 2. Choose...

0.7AI score
Exploits0
Atlassian
Atlassian
added 2013/07/26 3:5 a.m.16 views

XSS vulnerabilities in Atlassian Answers

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-47042. panel Some users seem to try XSS attack on Atlassian Answers. How to replicate is the following steps. Go to the top pag...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/06/20 1:38 p.m.16 views

Turning off Anti-XSRF mode has no effect

Turning off Anti-XSRF protection for comments does not have the desired effect. Even if the setting is turned off adding comments is not possible, due to an XSRF warning...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/05/08 1:5 p.m.16 views

Several XSS flaws in the /rest/tinymce/1

I've found several XSS in the urls and parameters listed below. The criticality of the issues is moderated since only browsers that perform content sniffing would be affected e.g. IE7. This limitation comes from the response's Content Type header being set as text/plain. The classical payload...

0.9AI score
Exploits0
Atlassian
Atlassian
added 2013/04/15 3:54 a.m.16 views

External image sources can trigger a basic authentication dialogue

When an external resourcee.g. http://foo.com/image.jpeg is used as the source of an image tag, if the external resource returns a 401 response code and sets a WWW-Authenticate header then the browsers standard 'Basic authentication' dialogue will pop up within on the confluence page. While this i...

2.2AI score
Exploits0
Atlassian
Atlassian
added 2013/03/21 12:48 a.m.16 views

Restrict access to personal pages and directory

We need to restrict access to personal pages and the directory. At present, there doesn't seem to be any way to do this. We have some guest accounts that we want to share a particular space with but unfortunately, we can not do that as all of the content in personal spaces and our directory are...

3.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/01/10 4:9 p.m.16 views

Customized variables whose values are hidden passwords are unmasked revealing the password in the build summary

Step to replicate Create two variables passworder and Passworder notice p with caps Run a customize build overridden the contents of the field While the fields remains hidden in the metadata as expected, the variable with capital P has it values revealed in the build summary see screenshot...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/11/29 12:33 p.m.16 views

Fix XSS vulnerabilities in managereferrers.vm and importword.vm

Scope of this issue is to address two specific XSS vulnerabilies. The scope of fixing i18n parameters is tracked elsewhere|https://jira.atlassian.com/browse/CONF-15548. Please see the comment below for...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/10/04 5:33 a.m.16 views

Potential persistent xss in fixCaseInNotifications.jsp

There is a difficult to exploit XSS in fixCaseInNotifications.jsp. We could not get it to trigger, but there are some scenarios where unescaped data can be displayed through fix method correctName, userNameToFix. The relevant code is as follows: code NotificationCaseFixer caseFixer = new...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2012/09/07 4:57 a.m.16 views

The application should return caching directives instructing browsers not to store local copies of any sensitive data.

We want to control the server's caching directives from within individual scripts. We have identified following locations, where we can provide HTTP headers 'Cache-control: no-store' and 'Pragma: no-cache'. Please provide these response headers to the following identified locations and to all oth...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/08/27 4:6 p.m.16 views

Session ID and remember me cookie should expire when LDAP user password is changed

Steps to reproduce Login as a normal Confluence user In another browser or in incognito mode, login as system administrator Go to Confluence Admin Manage Users and click on the user Click Set Password and set a different password for this user Refresh the page and the user can still access the pa...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/31 9:7 a.m.16 views

ldap injection in the custom atlassian authentication code

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47275. panel The custom atlassian ldap authentication code is vulnerable to ldap injection. The method which is vulnerable to ld...

8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 7:41 a.m.16 views

The csrf token cookie should be a 'secure' cookie like the sessionid cookie

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46613. panel That is that csrf token cookie 'csrftoken' should have the 'secure' attribute like the session cookie. In django 1....

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/07/27 5:34 a.m.16 views

ValidationHash generation should use random.SystemRandom instead of random class

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47146. panel ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a rando...

0.1AI score
Exploits0
Atlassian
Atlassian
added 2012/07/27 1:56 a.m.16 views

Potential remote code execution due to embedding of old django-piston

The exposed atlassian api for forummodules found under forummodules/atlassian/api uses an outdated version of django-piston which does not contain the fix for a remote code execution bug due to the use of yaml.load instead of safeload in the emitters.py python scripton line 412. Whilst it appears...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/05/24 12:15 p.m.16 views

User can upload attachments to restricted pages that adopt restrictions from parent page

Users that should have no access to restricted pages that adopt restrictions from the parent page are able to upload attachments if they know the page ID. How to reproduce: 1. Create 2 users, user1 and user2 2. Create a page with user1 and set the page view and edit restrictions to "Me" 3. Create...

2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/05/21 7:54 a.m.16 views

persistent xss through flash swf file attachment download

It is possible to upload a flash swf file which when the attachment 'download' url is visited the flash swf file is executed in the browser and as such can use ExternalInterface.call method to inject javascript defined in the swf file into the browser...

2.4AI score
Exploits0
Atlassian
Atlassian
added 2012/05/06 11:36 p.m.16 views

OauthApplinksServlet Open Redirect

The OauthApplinksServlet servlet has an open redirect vulnerability in the doGet that will allow phishers to lure users away from legitimate JIRA hosted sites. An open redirect vulnerability is caused by an attacker having control over a request parameter that hasn’t been validated before redirec...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/04/26 4:54 p.m.16 views

'/users/userpicker.action' exposes users loginids and full names in instance with anonymous access enabled

quote LDAP directory users and groups exposed via the /users/userpicker.action. There should be an option to restrict this to authenticated users only and perhaps this should be the default behavior. quote quote The second exposed function that is part of this vulnerability is...

3.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/04/19 4:35 a.m.16 views

admin/fixcwdmemberships.jsp lacks an XSRF token to run the repair action.

admin/fixcwdmemberships.jsp does not require a csrf token to run the repair action. When fixing this issue, please ensure that the JSP is converted to an action or deleted - we don't want to have to maintain our XSRF infrastructure in JSPs...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/03/27 6:46 p.m.16 views

Improve the default SSL cipherset in standalone JIRA setup

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-27681. panel We are concerned about 'SSL Weak Cipher Suites Supported' and 'SSL Medium Strength Cipher Suites Suppored'. Any suggestions wou...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2012/02/08 4:27 a.m.16 views

RSS feed over entire site gives information on restricted pages the user should not see

A customer has reported this issue via a comment on the documentation: http://confluence.atlassian.com/display/DOC/Working+with+RSS+Feeds?focusedCommentId=276627497comment-276627497 quote When someone has an RSS feed covering the whole Confluence instance, he is informed about changes in restrict...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/07/14 1:8 p.m.16 views

Enumeration of usernames possible in Jira

We found enumeration of usernames to be possible in Jira 4.3.4 despite the login failure message not revealing whether it was the username or password that was incorrect. After 3 failed login attempts a captcha appears only if the user exists, otherwise not. This allows an attacker to enumerate t...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/07/12 2:32 a.m.16 views

GeneralUtil.htmlEscapeQuotes should be annotated HtmlSafe

The GeneralUtil.htmlEscapeQuotes method outputs HTML and thus should be annotated as @HtmlSafe. Not doing so causes its output to be double escaped when automatic escaping is enabled for the plugin/velocity template...

0.7AI score
Exploits0
Atlassian
Atlassian
added 2011/06/29 5:37 p.m.16 views

On internal error, JIRA will display error information to the user (in the browser)

When JIRA bundled tomcat?? encounters an internal error it displays error information to the user in the browser. This can leak internal, possibly sensitive, information. It should report that there was an error and inform the user to contact their JIRA admin...

3.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/05/06 8:26 p.m.16 views

When configured for Internal Database with LDAP for Authentication Only, Confluence does not check the LDAP when authenticating users

Configured Confluence to keep and manage users in its internal database, but to first try to use LDAP for authentication only, via the new interface. Debug output suggests Confluence is not bothering to check the LDAP at any point during the authentication process. More detail is available here:...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/11/03 3:44 a.m.16 views

Security Vulnerability in Confluence Remote API

We have identified and fixed a vulnerability in the Remote API which affects Confluence instances, including publicly available instances. The Remote API|http://confluence.atlassian.com/display/DOC/Enabling+the+Remote+API allows an attacker to escalate user privileges, excluding the level of syst...

2.5AI score
Exploits0
Atlassian
Atlassian
added 2010/10/05 5:37 a.m.16 views

XSS vulnerability in Office Connector

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence Office Connector. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's own web server. An...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/08/23 9:46 a.m.16 views

Property for enabling/disabling viewage of Jira administrators

As of JRA-21004, it also happened that the Administrator page does not show the administrators anymore. This patch is enables through one property in jira-atlassian.properties, and it resolves severall problems. We would prefer that there is a property like jira.administrators.show=true/false,...

3.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/06/21 3:40 a.m.16 views

XSS vulnerability in PDF export

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence action that performs the export to PDF. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's o...

0.1AI score
Exploits0
Atlassian
Atlassian
added 2010/06/17 8:46 a.m.16 views

Can not UPDATE the "Viewable By" field of an issue

After the creation of an issue it is by default viewable by "All Users". It is not possible to change the value after re-editing that issue. After changing it and clicking the "Update" button, the viewable by entry stays "All Users"...

3.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/05/31 6:58 a.m.16 views

WebSudo should be disabled in devmode

When confluence is started in dev mode, websudo should be disabled...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/05/20 3:2 a.m.16 views

Password strength measurement and restriction

Enable password strength rules to tell the user the effective strength of the password they choose optionally allow administrators to restrict the minimum strength of passwords chosen by users be pluggable Currently you can enforce password strength by using JIRA with Crowd...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 5:28 a.m.16 views

Only strings are encoded

The XML encoder only encodes strings. This could make Confluence return non encoded content. This issue is rated HIGH. Please see http://confluence.atlassian.com/x/ZILmD for more security related issue and more information on how we rate issues...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 12:37 a.m.16 views

XSS vulnerability in search

An XSS vulnerability has been found in the searching component of Confluence...

1.5AI score
Exploits0
Atlassian
Atlassian
added 2010/04/16 4:34 a.m.16 views

Miscellaneous support-related JSPs contain XSS holes

JIRA contains a number of support related JSPs that have been added over the years. They were mostly for fighting spam and other support related tasks. Unfortunately none of these were ever tested very much and contain a lot of XSS holes. They are: groupnames.jsp indexbrowser.jsp...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/03/23 2:46 p.m.16 views

Allow non-Administrators to be able to modify workflows

As an IT Manager, by having to add users to the Administrators group in order to edit and manage workflows is prohibitive to the administration and security of our Jira environment. While I want users to create, manage and edit workflows, I do NOT want them creating or modifying accounts which...

3.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/02/24 1:11 a.m.16 views

Version number

I notice that the JIRA footer displays the current version of JIRA. Revealing the specifics of the revisions of software that you run in production is generally considered a bad security practice. Is there a reason that it is displayed openly to all users in licensed versions of the product? Is i...

4.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/02/17 4:24 a.m.16 views

Changing system locale means users with non-ASCII characters in their passwords cannot authenticate

The OSUser and Atlassian-User authenticators used by Confluence convert a password into bytes before hashing it. This conversion doesn't specify which encoding should be used, so the system's default encoding is used. If the system administrator changes the locale settings on the server or change...

2.2AI score
Exploits0
Total number of security vulnerabilities4295