Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2010/06/17 8:46 a.m.16 views

Can not UPDATE the "Viewable By" field of an issue

After the creation of an issue it is by default viewable by "All Users". It is not possible to change the value after re-editing that issue. After changing it and clicking the "Update" button, the viewable by entry stays "All Users"...

3.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/05/31 6:58 a.m.16 views

WebSudo should be disabled in devmode

When confluence is started in dev mode, websudo should be disabled...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/05/20 3:13 a.m.16 views

Pluggable CAPTCHA

CAPTCHA should be pluggable in JIRA CAPTCHA|http://en.wikipedia.org/wiki/CAPTCHA is supposed to stop spam and other automated nefarious usage of systems. But there is an arms race of CAPTCHA breaking|http://www.slightlyshadyseo.com/index.php/xmcps-how-tobasic-captcha-cracking-techniques-part-1/ a...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/05/20 3:2 a.m.16 views

Password strength measurement and restriction

Enable password strength rules to tell the user the effective strength of the password they choose optionally allow administrators to restrict the minimum strength of passwords chosen by users be pluggable Currently you can enforce password strength by using JIRA with Crowd...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 5:28 a.m.16 views

Only strings are encoded

The XML encoder only encodes strings. This could make Confluence return non encoded content. This issue is rated HIGH. Please see http://confluence.atlassian.com/x/ZILmD for more security related issue and more information on how we rate issues...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 12:37 a.m.16 views

XSS vulnerability in search

An XSS vulnerability has been found in the searching component of Confluence...

1.5AI score
Exploits0
Atlassian
Atlassian
added 2010/04/16 4:36 a.m.16 views

runportleterror.jsp contains XSS hole

The runportleterror.jsp contains an XSS attach vector via the unescaped 'portletKey' URL parameter. The parameter should be escaped properly...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/16 4:34 a.m.16 views

Miscellaneous support-related JSPs contain XSS holes

JIRA contains a number of support related JSPs that have been added over the years. They were mostly for fighting spam and other support related tasks. Unfortunately none of these were ever tested very much and contain a lot of XSS holes. They are: groupnames.jsp indexbrowser.jsp...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/03/23 2:46 p.m.16 views

Allow non-Administrators to be able to modify workflows

As an IT Manager, by having to add users to the Administrators group in order to edit and manage workflows is prohibitive to the administration and security of our Jira environment. While I want users to create, manage and edit workflows, I do NOT want them creating or modifying accounts which...

3.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/03/16 1:0 a.m.16 views

Custom fileds inconsistently escaped in view and edit screens

Steps to replicate: Create a custom field and name it Hithere On view issue screens, the field appears as Hithere On edit issue screen, the field appears as Hithere on red font I guess we need to make a decision on which one is the desired functionality allow HTML or not and make it consistent...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/03/01 3:54 a.m.16 views

JQL breaks issue security levels based on custom fields

The MultiSelectCustomFieldIndexer does 2 things: index but don't store a case-folded version in the field "customfield10017:retail" store a "raw" version in a new field with the raw added to the end "customfield10017raw:Retail" The problem is that com.atlassian.jira.security.type.GroupCF looks fo...

2.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/02/24 1:11 a.m.16 views

Version number

I notice that the JIRA footer displays the current version of JIRA. Revealing the specifics of the revisions of software that you run in production is generally considered a bad security practice. Is there a reason that it is displayed openly to all users in licensed versions of the product? Is i...

4.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/02/17 4:24 a.m.16 views

Changing system locale means users with non-ASCII characters in their passwords cannot authenticate

The OSUser and Atlassian-User authenticators used by Confluence convert a password into bytes before hashing it. This conversion doesn't specify which encoding should be used, so the system's default encoding is used. If the system administrator changes the locale settings on the server or change...

2.2AI score
Exploits0
Atlassian
Atlassian
added 2009/12/07 3:45 a.m.16 views

KB "Running JIRA over SSL or HTTPS" needs review for Windows Standalone scenario

There are three recommended updates to the KB Running JIRA over SSL or HTTPS|http://confluence.atlassian.com/display/JIRA/Running+JIRA+over+SSL+or+HTTPS based on customer feedback. 1. quote When asked to "What is your first and last name" make sure you enter in the DNS name that you will use to...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/12/02 4:10 a.m.16 views

User's Full Name is an XSS vector in Status Updates tab of User Profile

A user's full name is an XSS vector when viewing the "Status Updates" tab of the user profile. 1 Set a user's Full Name as "alertdocument.cookie". 2 Log out. 3 If anonymous access is disabled, log in as a different user, otherwise, continue as Anonymous. 4 Go to the profile page for the user...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/11/24 8:47 p.m.16 views

Watchers can be added to a project without having rights in that project

A user of Jira at our site has found that two people he added to watchers on this project were only members of the Jira Users group and had no rights in the project. Therefore Jira silently did not send any notifications and they did not receive the information that the original user thought they...

2AI score
Exploits0
Atlassian
Atlassian
added 2009/10/21 1:33 a.m.16 views

Confluence users should inherit permissions from the anonymous user

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-17278. panel This has been derived from CONF-4955|http://jira.atlassian.com/browse/CONF-4955. The above seems to have been fixe...

3.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/08/26 1:55 p.m.16 views

Add a password lockout feature

Confluence does not prevent someone from making a script that tries every possible password combination for a Confluence account. There should be an option to set a max attempts and then lock out the user from the system. This is obviously a security problem as Confluence within most companies us...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/08/18 1:18 a.m.16 views

XSS vulnerability can be exploited with the pagetree macro

Use the following markup: noformatpagetree:root=alert'12'noformat Whenever the page is viewed, the script will be executed...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/08/12 4:55 a.m.16 views

XSS bug when unfavouriting a dashboard

When unfavouriting a dashboard with name 'alert'blah';' the javascript is executed. https://extranet.atlassian.com/display/QA/JIRA+Dashboards+Blitz+-+Mark%27s+Findings...

0.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/07/24 5:42 a.m.16 views

Warn about assigning "Anyone" group in Global and Project permissions

Assigning anyone to global permissions such as a "Browse user" is a sure way to shoot yourself in the foot inadvertently. We make a vague mention of it in the documentation https://confluence.atlassian.com/display/JIRA/Managing+Global+Permissions quote if you wish to grant the permission to non...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/06/18 1:45 p.m.16 views

Directory traversal in Profile Picture path - leads to privilege escalation in < 3.0

Confluence allows its users to specify a "Profile Picture," an image that appears on many pages related to the user. A user can either upload a custom image, or select one from a set provided by Confluence. Confluence uses the /users/doeditmyprofilepicture.action path to process requests to chang...

7.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/06/03 7:28 a.m.16 views

XSS vulnerability when moving page between spaces

You can create a space with HTML in the name. In most places this space name is correctly encoded however in the tree component given when you chose to move a page the destination space is name is not encoded properly. To reproduce. 1 Create a space called alert"Howdy"; 2 Create a page in another...

0.2AI score
Exploits0
Atlassian
Atlassian
added 2009/03/19 4:15 p.m.16 views

Latex Plugin-Cross-site Scripting Error

Our security group scanned the plugin below and found the following issue for the Latex Plugin: Number System/Location Defect Type Status R1 Latex Plugin Client-side Attacks: Cross-site Scripting Open Description Security Risk: It is possible to steal or manipulate customer session and cookies,...

Exploits0
Atlassian
Atlassian
added 2009/02/12 1:0 a.m.16 views

Password is being logged for 500 errors

The user passwords are being exposed in the log files when a 500 error happens. The following Jira solved the problem for the information displayed in the user Browser: http://jira.atlassian.com/browse/CONF-12360...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/02/04 3:15 p.m.16 views

Email notifications for jiraissues macro reflect page owner permissions rather than permissions of notified user...

When a notification is sent out for a page that includes the \jiraissues\ macro, the list of issues is based on the page owner's permissions rather than the notified user's permissions. Here are the steps to reproduce: Set up the trust relationship between your JIRA and Confluence installs Create...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/11/14 12:59 a.m.16 views

Attachment list in popup doesn't escape filenames causing XSS hole

The filenames in the attachment list of the link popup aren't being escaped. If you upload an attachment with a filename including html it could be executed...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/11/13 3:49 a.m.16 views

Session must not be invalidated on logout

People ran into problems|http://forums.atlassian.com/thread.jspa?forumID=101&threadID=29965 because we started invalidating the session on logout in 2.9.2. They expect certain session attributes like the seraph LOGGEDOUTKEY to be present. This means we need to remove all session attributes except...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/11/07 12:35 a.m.16 views

Inserted image filenames are not escaped properly as thumbnails

When you insert an image as a thumbnail into a wiki page, the generated HTML does not properly escape the filename...

0.5AI score
Exploits0
Atlassian
Atlassian
added 2008/11/07 12:35 a.m.16 views

Inserted image filenames are not escaped properly as thumbnails

When you insert an image as a thumbnail into a wiki page, the generated HTML does not properly escape the filename...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/08/25 10:33 a.m.16 views

Hidden pages' content can be viewed without permission using diffpages.action

If the id of a page is known by a user, that user can view the content of the page without having permissions to the space it is in. They need only construct the right URL. EG: Two spaces A and B Page with id 1 is in Space A Page with id 2 is in Space B User cannot see Space A User can see Space ...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2008/07/03 4:7 p.m.16 views

Do not release details about securrity vulnerabilities until after the fix was available for a reasonable period of time

It is an unfortunate practice at Atlassian to as a part of release notes release all the information, often including example exploits|http://jira.atlassian.com/browse/CONF-9350, about security vulnerabilities that were fixed in the version being released. This gives us great headaches because: w...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/05/30 1:45 p.m.16 views

XSS vulnerability in create/edit/copy page and blogpost actions

panelThe following create/edit page URL's are vulnerable: - /pages/createpage.action - /pages/docreatepage.action - /pages/editpage.action - /pages/doeditepage.action on parentPageString panel Example of a maliciously crafted path:...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/03/18 3:16 a.m.16 views

XSS vulnerability in browseusers.vm

browseusers.vm does not escape usernames...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/03/12 12:36 a.m.16 views

XSS vulnerabilities in create space action

The following URL's are vulnerable: - spaces/createspace-start.action - spaces/createspace.action on key and name parameters...

3.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/03/10 4:44 a.m.16 views

viewuser.action has an XSS problem around username

Steps to reproduce: create a user with username: foo"alert'hello';span class="ff you should get an alert when you are redirected to viewuser.action to view the user you just created...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/02/25 6:5 a.m.16 views

Users with view permissions on a space are able to delete (purge) pages they don't have permission to edit/access

If a user has at least view permissions on a space they can purge any page in that space using the URL: /pages/purgetrashitem.action?key=&contentId= and the right contentId and space key. A purge can be performed even if the page has not been marked for deletion. This issue has been replicated an...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/02/19 3:16 p.m.16 views

ClassCastException reported when stopping JIRA

When stopping tomcat wich hosts only Jira, there is always such stack trace in tomcat logs: code 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/02/19 3:16 p.m.16 views

ClassCastException reported when stopping JIRA

When stopping tomcat wich hosts only Jira, there is always such stack trace in tomcat logs: code 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...

0.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/01/17 3:12 a.m.16 views

JIRA Portlet Macro not displaying when authenticating using the trusted application between JIRA and Confluence

We're having issues using the JIRA portlet macro jiraportlet on pages inside Confluence. Whenever we try to use this macro using the trust between JIRA and Confluence for authentication, the macro does not display on the page. There aren't any errors, it just doesn't appear. code...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/01/17 3:12 a.m.16 views

JIRA Portlet Macro not displaying when authenticating using the trusted application between JIRA and Confluence

We're having issues using the JIRA portlet macro jiraportlet on pages inside Confluence. Whenever we try to use this macro using the trust between JIRA and Confluence for authentication, the macro does not display on the page. There aren't any errors, it just doesn't appear. code...

1.4AI score
Exploits0
Atlassian
Atlassian
added 2007/09/25 8:45 p.m.16 views

Cross-site scripting vulnerability in /dashboard.action

The test successfully embedded a script in the response, which will be executed once the page is loaded in the user's browser. This means that the application is vulnerable to the Cross-Site Scripting attack. 1 of 3 Cross-Site Scripting in Parameter Name Severity: High Test Type: Application...

5.6AI score
Exploits0
Atlassian
Atlassian
added 2007/09/13 5:12 a.m.16 views

Multi user custom field cannot be used with the assignable user permission

If a multi user custom field is added to JIRA, and the custom field is added to the Assignable User permission, the Assign Issue operation breaks, when trying to gather the list of assignable Users. This is basically because our MultiUserCF is not specific enough and relies to much on the...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2007/09/11 2:10 p.m.16 views

Recently updated links for users with personal spaces link to profile if personal space is not accessible

Users without the global access right for personal space can still see links to personal spaces in the "Recently updated" list on their dashboard. This is a serious security problem for extranets, when one wants to prevent non anonymous external users to see who's using the wiki. Note: this probl...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/08/31 4:13 a.m.16 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/08/02 10:47 p.m.16 views

Max label limit can be passed by adding labels via ajax

For CONF-8978, limits were implemented on how many labels can be added in one submit by various "add label" screens, and how many labels can be set on an edit page/edit news screen. However, there is nothing to prevent extra labels being added by the "add label" screens beyond the number allowed ...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/07/23 11:45 a.m.16 views

Vulnerability against DoS attack via labels

Description: When you give more labels to a content, then Confluence split up the user input on spaces, and then make az SQL query against each word or something like this. Exploit: Giving x thousand characters depends on the machine separated by space as label results the system is breaking down...

3.2AI score
Exploits0
Atlassian
Atlassian
added 2007/07/19 8:31 p.m.16 views

stored XSS vulnerability in app/themes/leftnavigation/configuretheme.action

Description: Stored XSS via page app/themes/leftnavigation/configuretheme.action?key= Exploit: Example value in the Naviagtion Page field: "aletrdocument.cookiex x="...

2.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/04/16 4:20 a.m.16 views

Form submission doesn't check source

Confluence accepts form submissions from any source. This means if you are logged in to confluence and another site submits data to the confluence instance, then its accepted without question because the user is already logged in - or automatically logged in. We need a way to validate the form...

2AI score
Exploits0
Atlassian
Atlassian
added 2007/03/21 4:40 a.m.16 views

Deleting a custom field which has an issue security scheme or permission scheme on it causes system error

A custom field with an issue security scheme based on it is deleted. A subsequent search on a issue under this security scheme causes a system error...

1.4AI score
Exploits0Affected Software1
Total number of security vulnerabilities4295