4195 matches found
Some of the REST resources in Navigator plugin are susceptible to XSRF attacks
Most of the REST resources in the Navigator plugin accept "x-www-form-urlencoded" bodies but do not check for an XSRF token when making mutative changes. For example: SaveFilterResource: Allow XSRF attack to change user's filter. SuppressedTipsResource UserSearchModeResource...
Webwork 2 code injection vulnerability
We have discovered a vulnerability in WebWork 2, which is a part of the Struts web framework. In specific circumstances, attackers can use this vulnerability to execute Java code of their choice on systems that use these frameworks. In the case of Fisheye, the attacker needs to be able to access...
Webwork 2 code injection vulnerability
We have discovered a vulnerability in WebWork 2, which is a part of the Struts web framework. In specific circumstances, attackers can use this vulnerability to execute Java code of their choice on systems that use these frameworks. In the case of Bamboo, the attacker needs to be able to access Bambo...
GeneralUtil.escapeForHtmlAttribute does not completely escape the given input for use in an html attribute context
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFCLOUD-29826. GeneralUtil.escapeForHtmlAttribute only escapes " and does not escape '. Furthermore, the method does not html...
Elevation of global permission from Administrator to System administrator
With "Administrator" permission I go to the global permissions page http://:7990/admin/permissions. 1. Type in the name of another user without any global permissions. 2. Select "System Administrator" as permission. 3. Press save. Expected result: Stash would deny me creating a "System...
Reflected XSS in JIRA Admin Panel (Delete User)
The 'name' param in jira-components/jira-webapp/src/main/webapp/secure/admin/user/views/deleteuserconfirm.jsp is not sanitised, enabling arbitrary html/script execution. A url to demonstrate this issue is:...
Force change of password when enabling the default applications in crowd
Currently it is too easy for an administrator to click through the crowd setup wizard and enable the openid & demo application and not set passwords for either of the applications. It should not be possible to enable a default application without first changing the default password...
Agile board "Add Status" button is not available unless you are member of jira-administrators
As a project administrator or board owner I need to be able to add/remove Statuses by using the "Add Status" button from the board Configuration window. Currently this button only appears for jira-administrators...
View Content Permission Set not Complete.
The Content Permission Set returned from the method getViewContentPermissions is incomplete. It appears to only contain a single ContentPermission object regardless of how many View permissions have been attached to a Page. 1. Create a new page. 2. Assign a View restriction for 1 group. 3. Assign View...
JSON-RPC API functions available anonymously even though anonymous API access is disabled.
The summary says it all really. The functions listed below can be used on our Confluence service even though the Anonymous API Access check box is not checked in the admin control panel. This is an issue when it comes to Confluence sites that have sensitive user or group information...
Disallow multiple sessions for an account
NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/JRACLOUD-33586. It is currently possible to run several sessions under any account. Some customers prefer to restrict the number of sessions to...
Disallow multiple sessions for an account
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion: http://jira.atlassian.com/browse/JRASERVER-33586. It is currently possible to run several sessions under any account. Some customers prefer to restrict the number of sessions to...
Disallow multiple sessions for an account
It is currently possible to run several sessions under any account. Some customers prefer to restrict the number of sessions to one, or limit the session to the IP it has been initiated from...
Turning off Anti-XSRF mode has no effect
Turning off Anti-XSRF protection for comments does not have the desired effect. Even if the setting is turned off adding comments is not possible, due to an XSRF warning...
Allow cookie-less instance for security reasons
NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFSERVER-29687. Allow administrators to completely remove 'remember me' and disallow remembering usernames and passwords via HTML5...
Allow cookie-less instance for security reasons
Allow administrators to completely remove 'remember me' and disallow remembering usernames and passwords via HTML5. In various cases administrators may want to prevent their users from having their passwords saved. While various browsers will override these settings, preventing to have a remember-...
Allow cookie-less instance for security reasons
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFCLOUD-29687. Allow administrators to completely remove 'remember me' and disallow remembering usernames and passwords via HTML5...
Upgrade bundled Tomcat to the latest minor release
NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/JRACLOUD-33563. Customer did a security scan on the instance and found that the version 5.1.8 he is using is subject to security vulnerabilities...
Upgrade bundled Tomcat to the latest minor release
Customer did a security scan on the instance and found that the version 5.1.8 he is using is subject to security vulnerabilities in the bundled Tomcat, which is version 6.0.35. Security vulnerability information: http://tomcat.apache.org/security-6.html (Fixed in Apache Tomcat 6.0.36). So customer...
Upgrade bundled Tomcat to the latest minor release
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion: http://jira.atlassian.com/browse/JRASERVER-33563. Customer did a security scan on the instance and found that the version 5.1.8 he is using is subject to security vulnerabilities...
Parsing of external XML entities can be exploited to retrieve files or make HTTP requests on the target network
Description: This issue has been assigned CVE-2013-3925 by Mitre Corporation. Previously reported issue CVE-2012-2926 (August 2012, CVSS score 6.4) was patched by introducing a new XFire servlet component into Crowd. The new component disables external entity resolution during XML parsing. The n...
Passwords of configured SMTP mail accounts are stored in cleartext
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFCLOUD-29534. Passwords for configured mail accounts are stored in clear text in the database as can be seen e.g. by: SELECT...
Passwords of configured SMTP mail accounts are stored in cleartext
Passwords for configured mail accounts are stored in clear text in the database as can be seen e.g. by: SELECT * FROM BANDANA WHERE BANDANAKEY = 'atlassian.confluence.space.mailaccounts'; Even when being an admin I should NOT be able to read out other users' email account passwords! This...
Passwords of configured SMTP mail accounts are stored in cleartext
NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFSERVER-29534. Passwords for configured mail accounts are stored in clear text in the database as can be seen e.g. by: SELEC...
The group # in crowd and confluence is different
I used Confluence 4.3.7, and integrated it with Crowd 2.4.2 following the instructions. The issue is that a user is assigned to group confluence-users in Crowd, but the group does not show up in Confluence. Here is what I did: Checking in Confluence -- Users -- Detail shows in groups: no...
Upgrade bundled Tomcat due to security vulnerabilities
There are some Tomcat security vulnerabilities reported against the bundled version 7.0.32: CVE-2013-2067: http://mail-archives.apache.org/modmbox/www-announce/201305.mbox/%[email protected]%3E...
Upgrade bundled Tomcat to 6.0.37
Customer related a security flaw in Tomcat 6.0.35 and requests that we upgrade the bundled version...
Upgrade bundled Tomcat to 6.0.37
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFCLOUD-29345. Customer related a security flaw in Tomcat 6.0.35 and requests that we upgrade the bundled version...
Upgrade bundled Tomcat to 6.0.37
NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFSERVER-29345. Customer related a security flaw in Tomcat 6.0.35 and requests that we upgrade the bundled version...
https://jira.atlassian.com/500page.jsp
This page shows all the data about the JIRA instance to an intruder. It makes it more vulnerable when you know the whole setup...
https://jira.atlassian.com/500page.jsp
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion: http://jira.atlassian.com/browse/JRASERVER-33042. This page shows all the data about the JIRA instance to an intruder. It makes it more vulnerable when you know the whole setup...
https://jira.atlassian.com/500page.jsp
NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/JRACLOUD-33042. This page shows all the data about the JIRA instance to an intruder. It makes it more vulnerable when you know the whole setup...