4295 matches found
ClassCastException reported when stopping JIRA
When stopping tomcat wich hosts only Jira, there is always such stack trace in tomcat logs: code 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...
Trusted authentication doesn't work for Confluence users with uppercase usernames
Trying to use the trusted authentication feature of the Jiraissues macro doesn't work when a user's username is uppercase. JIRA shows the following in its log: quote 2008-01-23 13:59:48,104 INFO STDOUT 2008-01-23 13:59:48,104 ajp-0.0.0.0-6103-8 WARN atlassian.seraph.filter.TrustedApplicationsFilt...
Cross-site scripting vulnerability in 500page.jsp
The test successfully embedded a script in the response, which will be executed once the page is loaded in the user's browser. This means that the application is vulnerable to the Cross-Site Scripting attack. The file 500page.jsp should escape the attributes and parameters to prevent code...
stored XSS vulnerability in app/themes/leftnavigation/configuretheme.action
Description: Stored XSS via page app/themes/leftnavigation/configuretheme.action?key= Exploit: Example value in the Naviagtion Page field: "aletrdocument.cookiex x="...
Permissions at field level
I would like to be able to limit what users roles are able to modify individual fields. For example, I only want to allow particular people project managers to be able to select a fix version in an issue. However, it seems that any user who can edit an issue, including the reporter, can set the...
XSS vulnerability: space name and key not validated nor escaped
Email sent from Igor: quote The problem: The input for space name and key is not being validated properly. I created a JIRA for lacking length validation CONF-8894 and later on I noticed that any characters in the input for space name are allowed. Combine that with another batch of bugs - space...
Create patch to CONF-8877 for Confluence 2.5.4
Since this is a major security issue we need to create patches for older versions...
Project Role Modifications not reflected in Issue Security Scheme
If you modify users/groups in a project's project role and this project uses an issue security scheme, you must remove the role and re-add it to the issue security scheme for the role changes to take effect. Steps to Reproduce: 1. Need to be the admin of a project whose issue creation screen has...
"Change password" facility modify only a password in a local database, not in LDAP.
If jira is configured to use Ldap authentification and user change its password, Jira checks current password in ldap, but modify password in local database only. I think, the correct behaviour is to change both passwords -- in ldap, because this is the one which is realy used, and in local...
Logon with wrong user/password gives 'weird' errorpage.
Error screen after wrong login is 'weird'...
Injection in Crowd Data Center and Server
This is a vulnerability in a non-Atlassian Crowd dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability known as CVE-2025-9287 was introduced in versions 1.0.4, 6.2.4, 7.0.0, and 7.1.0 of Crowd Data Cente...
DoS (Denial of Service) axios Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2025-58754 was introduced in 10.3.0, and 11.0.0 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
SSRF (Server Side Request Forgery) axios Dependency in Jira Software Data Center and Server
This High severity SSRF Server Side Request Forgery vulnerability known as CVE-2025-27152 was introduced in 10.3.0 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P allows a...
Prototype Pollution zrender Dependency in Jira Software Data Center and Server
This is a vulnerability in a non-Atlassian Jira Software dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability known as CVE-2021-39227 was introduced in 10.3.0, and 11.0.0 of Jira Software Data...
DoS (Denial of Service) minimatch Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2022-3517 was introduced in 10.3.13 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attack...
Improper Authorization org.springframework.security:spring-security-core Dependency in Jira Service Management Data Center and Server
This High severity Improper Authorization vulnerability was introduced in versions 11.01.1 and 11.1.1 of Jira Service Management Data Center and Server. This vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated attacke...
DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2025-55163 was introduced in 10.3.0, and 11.0.0 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
Improper Authorization org.springframework.security:spring-security-core Dependency in Jira Software Data Center and Server
This High severity Improper Authorization vulnerability was introduced in versions 11.01.1 and 11.1.1 of Jira Software Data Center and Server. This vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated attacker to expos...
DoS (Denial of Service) com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This Improper Authorization vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to expos...
Information Disclosure com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity Information Disclosure vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This Improper Authorization vulnerability, with a CVSS Score of 7.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N allows an unauthenticated attacker to expo...
DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Jira Software Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2025-55163 was introduced in 9.12.1, 9.12.2, 9.12.3, 9.12.4, 9.12.5, 9.12.6, 9.12.7, 9.12.8, 9.12.9, 9.12.10, 9.12.11, 9.12.12, 9.12.13, 9.12.14, 9.12.15, 9.12.16, 9.12.17, 9.12.18, 9.12.19, 9.12.22, 9.12.23, 9.12.24, 9.12.25,...
SSRF (Server-Side Request Forgery) in Confluence Data Center and Server
This High severity SSRF Server-Side Request Forgery vulnerability known as CVE-2024-29415 was introduced in 7.19 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H allows an unauthenticated attacker t...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2021-33587
This High severity vulnerability known as CVE-2021-33587 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CV...
Path Traversal Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-24785
This High severity vulnerability known as CVE-2022-24785 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CV...
SSRF (Server-Side Request Forgery) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2023-42282
note: This is a critical vulnerability in a non-Atlassian Bitbucket dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory. This...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-4068
This High severity vulnerability known as CVE-2024-4068 was introduced in 3.0.2, 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-55163
This High severity vulnerability known as CVE-2025-55163 was introduced in 3.3.1, 3.5.0, 3.6.0, 8.18.0, 9.1.0, 9.0.1, 9.2.0, 9.4.0, 9.4.1, 9.4.2, 9.4.3, 9.4.4, 9.4.5, 10.0.0, 9.4.6, 9.4.7, 9.4.8, 9.4.9, 9.4.11 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 8.2 and a...
Open Redirect Third-Party Dependency in Bitbucket Data Center and Server - CVE-2023-26159
This High severity vulnerability known as CVE-2023-26159 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.3 and a CV...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 8.9.4, 8.13.4, 8.14.3, 8.15.2, 8.16.0, 8.17.0, 8.18.0, 8.19.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score o...
Update atlassian-gadgets in JIRA Server to fix AG-1502
Now that https://ecosystem.atlassian.net/browse/AG-1502 has been fixed, upgrade atlassian-gadgets to a version that contains a fix for it. In this case JIRA Server would update atlassian-gadgets to a version = 4.2.14...
123
STR: 1/ Go to discount calculetor http://www.nibulon.com/data/zakupivlya-silgospprodukcii/kalkulyator-znizhok.html 2. Enter value '9999999999999999999999999999999999999999999999999999999999999999' into 'Виберіть показник вологості' file Enter some vald value 'Виберіть показник сміттєвої домішки' ...
Stronger algorithm used to digest instance admin password
Let's use PKCS5S2...
XSS in JIRA via PDF attachment
PDF attachments are considered active content and can be used to xss users...
Session ID URL's in logfile
Hi, In the logfiles you can see the session ID's in the URL. Can this be used to hack into a another account?...
Make categories in Space Directory visible only to users who can access the spaces
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-34136. panel Anonymous users can see a list of categories in the Space Directory, even though they don't see the spaces...
Make categories in Space Directory visible only to users who can access the spaces
Anonymous users can see a list of categories in the Space Directory, even though they don't see the spaces...
Unauthenticated User can access certain pages on a private JIRA instance
When you enter the URL of a private JIRA instance on the Quick Search from the login page, you will be directed to the Issue Navigator. !mark2.jpg|thumbnail! If you click the "Status" drop down button, you the unauthenticated user would be able to see the status codes. !mark1.jpg|thumbnail! If yo...
The xsrf cookie token is not a 'secure' cookie for secure('https') requests
To prevent against man in the middle attacks the xsrf cookie token should have the 'secure' attribute set...
XSS vulnerabilities in Atlassian Answers
panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-47042. panel Some users seem to try XSS attack on Atlassian Answers. How to replicate is the following steps. Go to the top page...
Allow cookie-less instance for security reasons
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-29687. panel Allow administrators to completely remove 'remember me' and disallow remembering usernames and passwords via HTML5...
Several XSS flaws in the /rest/tinymce/1
I've found several XSS in the urls and parameters listed below. The criticality of the issues is moderated since only browsers that perform content sniffing would be affected e.g. IE7. This limitation comes from the response's Content Type header being set as text/plain. The classical payload...
User receives an email even though they don't have access to the page where a task was unassigned
h3. Steps to reproduce: Find/Create a space that has restricted view access Create a page and assign a task to a user that doesn't have view access to the page. Save the page. User does not receive an email, and the task does not show up in the user's to-do correct behavior Edit the page and...
XSS vulnerability in source tab configure project
Create a new group named "alert"XSS" 2. In the OnDemand administration section click Fisheye, then Configure to the right of the project name This vulnerability is due to an unescaped group.name parameter in projectrepositorypermissions.vm e.g...
Turning off Anti-XSRF protection for comments has no effect
Turning off Anti-XSRF protection for comments does not have the desired effect. Even if the setting is turned off verified that the setting is saved in the BANDANA table, adding comments is not possible, due to an XSRF warning. This is also covered in more details on this KB:...
User can upload attachments to restricted pages that adopt restrictions from parent page
Users that should have no access to restricted pages that adopt restrictions from the parent page are able to upload attachments if they know the page ID. How to reproduce: 1. Create 2 users, user1 and user2 2. Create a page with user1 and set the page view and edit restrictions to "Me" 3. Create...
deletion of a comment with a security setting sends a notification to all watchers and the history tab
As a non-atlassian developer, I saw a deletion notification for a comment that I was restricted from viewing. That seems like a security leak. It would be annoying if we're trying to hide discussion from certain users for them to see that the discussion is happening at all, it would raise questio...
LogToServer action lets anyone log messages to the server log
Available without authentication. This can be used to hide breakin attempts or fill the disk if no log rotation is in place...
Enable X-FRAME-Options header to implement clickjacking protection
TLDR: Add X-FRAME-Options: SAMEORIGIN to all HTTPS pages server config, and test that nothing breaks. --- Description: Current HTTP headers do not contain the X-FRAME-Option, which helps prevents against Clickjacking attacks. A Clickjacking attack is similar to CSRF in which attacker can hijack a...
Support web sudo and other password confirmation features with custom authenticators
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-22875. panel By default, web sudo and other password confirmation features in Confluence 3.5 and later are disabled if a custom...
On internal error, JIRA will display error information to the user (in the browser)
When JIRA bundled tomcat?? encounters an internal error it displays error information to the user in the browser. This can leak internal, possibly sensitive, information. It should report that there was an error and inform the user to contact their JIRA admin...