Bitbucket repository configuration doesn't offer SSH
When you add a new Bitbucket repository, you can only enter a username/password for authentication. If you want to use SSH, you have to fall back to the generic 'Git' repository host. SSH should be offered as an option in the Bitbucket configuration. As an intermediate solution you can add a...
Use git-credential-store to avoid exposing plaintext username/password
Using https://username:[email protected] will expose the credentials e.g. in 'ps' when users have SSH access to the server which also runs Bamboo. This can be avoided if Bamboo uses git-credential-store...
Confluence Security Settings not respected by Confluence Questions
Hi Atlassian team, in our Confluence configuration we set "User email visibility" to "only visible to site administrators". However, we use the Confluence Questions plugin, and if we click there on a Contact and "Contact info", the email is displayed even to anonymous users. As I am on vacation fo...
Confluence Security Settings not respected by Confluence Questions
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/CONFCLOUD-47587. Hi Atlassian team, in our Confluence configuration we set "User email visibility" to "only visible to site...
Confluence Security Settings not respected by Confluence Questions
NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report: http://jira.atlassian.com/browse/CONFSERVER-47587. Hi Atlassian team, in our Confluence configuration we set "User email visibility" to "only visible to site...
Confluence search returns results from Questions, even though CQ does not have anonymous "can-use" permissions
NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report: http://jira.atlassian.com/browse/CONFSERVER-47841. Steps to Reproduce: Install CQ "1.0.618" or "1.0.618.001". Make sure that CQ does not have anonymous access. Brow...
Confluence search returns results from Questions, even though CQ does not have anonymous "can-use" permissions
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/CONFCLOUD-47841. Steps to Reproduce: Install CQ "1.0.618" or "1.0.618.001". Make sure that CQ does not have anonymous access. Brows...
Confluence search returns results from Questions, even though CQ does not have anonymous "can-use" permissions
Steps to Reproduce: Install CQ "1.0.618" or "1.0.618.001". Make sure that CQ does not have anonymous access. Browse through Confluence as anonymous. Do a search. Expected Results: Results should not contain anything from Questions. Actual Results: Results show Questions topics, but upon...
Add global option "Enable group <anyone>"
As mentioned in JRA-18076 and JRA-23255, the predefined group anyone poses security risks in many cases as it exposes projects to unauthenticated users. I tend to think that in 90% of Jira instances that group has no use and is just a security risk dangling over our heads. I would suggest an opti...
Add global option "Enable group <anyone>"
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion: http://jira.atlassian.com/browse/JRASERVER-39912. As mentioned in JRA-18076 and JRA-23255, the predefined group anyone poses security risks in many cases as it exposes projects ...
Add global option "Enable group <anyone>"
NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/JRACLOUD-39912. As mentioned in JRA-18076 and JRA-23255, the predefined group anyone poses security risks in many cases as it exposes projects t...
Disabled users still receive 'Share Page' emails sent to groups
Steps to Reproduce in Confluence: Create a user, and set to 'Disabled' Create a Group and make this user a member of this group Share a page with the group This results in an email being sent to the inactive user Steps to Reproduce with a Crowd server handling user management: Same as above, but...
Tools/Share sends e-mail to disabled users
I have Confluence/JIRA latest versions self hosted. Confluence gets its users from JIRA. I created a new topic and then used the Tools/Share option to notify all of the new topic. I used "jira-users" to send the message to. It sent to everyone including disabled users. I would expect the behavior...
Draft retrieval in the editor doesn't respect page or space permissions
Drafts are supposed to be per user and private but given a draft id, which should be easy to guess as they are sequential, you can access the contents of any draft, both for new and existing pages by using the following urls:...
Crowd gives more admin permissions than is apparent
When a Crowd application has multiple directories added to it, and a group which is authorised to log into Crowd, all directories with that group are allowed to log in to Crowd. However, the UI makes it seem as though only a group in the chosen directory is allowed to log in. Steps to reproduce:...
Forgotten password feature leaks information to the user that could be used to gain unauthorised access to Confluence
Using the forgotten password feature in Confluence it is possible to find out which email addresses are stored in the system from the responses given from the form when submitted. These responses need to be made generic so that it is not possible to tell which email addresses are or are not store...
"Issue Does Not Exist" page leaks information to non-logged in users
Trying to open a URL for an issue that does not exist shows the "Issue Does Not Exist" error page, even if you are logged out and the project is not publicly viewable. In contrast, trying to open the URL for a valid issue will prompt the user to log in. In this way, an unprivileged user can learn...
Child pages permissions are not respected in Popular Tab
mfernandezbadii posted this on CONF-33207: I found that restricted child pages (not the whole space) will still show on the Popular Tab. Example: User can browse a Space. Restricted page is created and user can't browse it or see it in the Popular Tab. Child page is created: User can't brows...
Stored XSS Vulnerability found on Atlassian
Hi! My name is Andi Rrahmani and I am an Independent Security Researcher. I am writing this email to let you know of a Stored XSS Vulnerability that I found on atlassian.com. You will have the POC as an attachment to this report that I am making. Now I will show you in detail how I managed to...
Stored XSS Vulnerability found on Atlassian
NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report: http://jira.atlassian.com/browse/CONFSERVER-47027. Hi! I am writing this email to let you know of a Stored XSS Vulnerability that I found on atlassian.com. You wil...
Stored XSS Vulnerability found on Atlassian
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/CONFCLOUD-47027. Hi! I am writing this email to let you know of a Stored XSS Vulnerability that I found on atlassian.com. You will...
Password for LDAP Connection Displayed in the "directoryConfigurationSummary.txt" file
In the Support.zip (https://confluence.atlassian.com/display/DOC/Troubleshooting+Problems+and+Requesting+Technical+Support#TroubleshootingProblemsandRequestingTechnicalSupport-Method1:UsingtheSupportRequestFormviatheConfluenceAdministrationConsole) there is a file named...
Escape or filter script tags in "all activity" panel
We've got an external report about a third party plugin: From: Vincent Ollivier Date: 29 July 2014 13:12 Subject: JIRA 6.2.5 / JEditor XSS Vulnerability To: [email protected] Hi, Sorry for the email, I couldn't find the correct project to report this security issue. There's an XSS in...
Content injection caused by failing to encode the url
The exampleURLPrefix variable given to single-xml-header.vm (https://stash.atlassian.com/projects/JIRA/repos/jira/browse/jira-components/jira-core/src/main/resources/templates/plugins/issueviews/single-xml-header.vm#11) or...
XSS using WebFragmentBuilder for WebItemProvider
The label is not escaped properly when using WebFragmentBuilder to generate links for JIRA's nav dropdown. This only happens when is not present in the relevant WebSection...
XSS when adding Stash Linked Repositories
Stash server title in the "Stash server" dropdown is not being escaped and if it contains a script tag that script will be eval'd. Our Stash QA test data has the server title "Welcome to alert666 Long Ståш Title with ..." which causes the "666" to alert when the "Add repository" button is clicked...