[CONFSERVER-14014] Word import with Office Connector can overwrite existing content without permission

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 2.10.1
Affects Version/s: 2.10
Component/s: None
Labels:
- affects-server
- editor
- office
- qa-manual
- security
Environment:

All versions of the Office Connector

Bug Fix Policy:
View Atlassian Server bug fix policy

It's possible under a specific set of circumstances that a user could perform actions they may otherwise be unauthorized to perform using the document import feature of the Office Connector. The specific actions would be editing or deleting a page they don't have permission to change.

Note that this bug doesn't expose content to unauthorized users.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

OfficeConnector-1.4.jar
7.92 MB
21/Dec/2008 11:34 PM

mentioned in: Wiki Page Failed to load

Katherine Yabut made changes - 13/Nov/2018 4:40 AM

Workflow

Original: JAC Bug Workflow v3 [ 2880343 ]

New: CONFSERVER Bug Workflow v4 [ 2977079 ]

Owen made changes - 11/Oct/2018 8:43 AM

Workflow	Original: JAC Bug Workflow v2 [ 2780607 ]	New: JAC Bug Workflow v3 [ 2880343 ]
Status	Original: Resolved [ 5 ]	New: Closed [ 6 ]

Owen made changes - 29/Aug/2018 11:13 PM

Workflow

Original: JAC Bug Workflow [ 2724874 ]

New: JAC Bug Workflow v2 [ 2780607 ]

Owen made changes - 02/Jul/2018 7:02 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2388214 ]

New: JAC Bug Workflow [ 2724874 ]

Katherine Yabut made changes - 22/Jun/2017 6:49 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 [ 2285187 ]

New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2388214 ]

Katherine Yabut made changes - 31/May/2017 5:36 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2225234 ]

New: Confluence Workflow - Public Facing - Restricted v5 [ 2285187 ]

Katherine Yabut made changes - 31/May/2017 4:58 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2179202 ]

New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2225234 ]

Katherine Yabut made changes - 31/May/2017 2:01 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 [ 1945347 ]

New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2179202 ]

Katherine Yabut made changes - 03/Apr/2017 4:02 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v3 [ 1741906 ]

New: Confluence Workflow - Public Facing - Restricted v5 [ 1945347 ]

Katherine Yabut made changes - 28/Feb/2017 6:38 AM

Workflow

Original: CONF Bug Subtask WF (TEMP) [ 1702513 ]

New: Confluence Workflow - Public Facing - Restricted v3 [ 1741906 ]

Assignee:: RyanA

Reporter:: Anonymous

Affected customers:: 0 This affects my team

Watchers:: 0 Start watching this issue

Created:: 17/Dec/2008 4:34 AM

Updated:: 11/Oct/2018 8:43 AM

Resolved:: 23/Dec/2008 2:39 AM

Details

Description

Attachments

Attachments

Issue Links

Forms

Activity

People

Dates