Details
-
Bug
-
Resolution: Duplicate
-
Medium
-
None
-
2.6.0
-
None
Description
A customer has reported that:
his password was displayed in plain text in the error logs displayed on his screen. Screen also indicated he should copy and send said error to Admin and/or Atlassian.
This is horrendous security and needs to be changed.
snippet of the error message displayed on screen:
Cause: javax.servlet.ServletException: Filter execution threw an exception at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) caused by: java.lang.OutOfMemoryError: PermGen space at Unknown location [snip] Parameters: * os_destination = /homepage.action * os_password = <MY PASSWORD IN PLAIN TEXT WAS HERE> * login = Log In * os_username = <username goes here> Confluence User: * anonymous Logging: 0 log statements generated by this request.
Attachments
Issue Links
- duplicates
-
CONFSERVER-12360 Improve 500 error page formatting and markup
- Closed