Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-10027

XSS vulnerability in /agent/viewAgent.action resource

XMLWordPrintable

      We have identified and fixed a reflected cross-site scripting (XSS) vulnerability in the Bamboo viewAgent.action resource.

      This issue is reported in our security advisory on this page:
      https://confluence.atlassian.com/x/rQP5FQ

      You can read more about XSS attacks at:

            [BAM-10027] XSS vulnerability in /agent/viewAgent.action resource

            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Bamboo Workflow 2016 v1 - Restricted [ 1442507 ] New: JAC Bug Workflow v3 [ 3383416 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: Bamboo Workflow 2016 v1 [ 1419684 ] New: Bamboo Workflow 2016 v1 - Restricted [ 1442507 ]
            Marek Went (Inactive) made changes -
            Workflow Original: Bamboo Workflow 2014 v2 [ 610378 ] New: Bamboo Workflow 2016 v1 [ 1419684 ]
            Security Metrics Bot made changes -
            Labels Original: advisory security New: advisory cvss-high security
            James Dumay made changes -
            Workflow Original: Bamboo Workflow 2014 [ 593047 ] New: Bamboo Workflow 2014 v2 [ 610378 ]
            James Dumay made changes -
            Workflow Original: Bamboo Workflow 2010 [ 351513 ] New: Bamboo Workflow 2014 [ 593047 ]
            David Black made changes -
            Description Original: We have identified and fixed a reflected cross-site scripting (XSS) vulnerability in the Bamboo viewAgent.action resource.

            This issue is reported in our security advisory on this page:
            http://confluence.atlassian.com/x/lwH6Dw

            You can read more about XSS attacks at:

            * http://www.cgisecurity.com/xss-faq.html
            * http://www.cert.org/advisories/CA-2000-02.html

            		New: We have identified and fixed a reflected cross-site scripting (XSS) vulnerability in the Bamboo viewAgent.action resource.

            This issue is reported in our security advisory on this page:
            https://confluence.atlassian.com/x/rQP5FQ

            You can read more about XSS attacks at:

            * http://www.cgisecurity.com/xss-faq.html
            * http://www.cert.org/advisories/CA-2000-02.html

            paulwatson (Inactive) made changes -
            Security Original: Reporters and Developers [ 10070 ]
            VitalyA made changes -
            Labels New: advisory security
            VitalyA made changes -
            Description Original: We have identified and fixed a reflected cross-site scripting (XSS) vulnerability in the Bamboo default 'internal server error' page.

            This issue is reported in our security advisory on this page:
            http://confluence.atlassian.com/x/lwH6Dw

            You can read more about XSS attacks at:

            * http://www.cgisecurity.com/xss-faq.html
            * http://www.cert.org/advisories/CA-2000-02.html

            		New: We have identified and fixed a reflected cross-site scripting (XSS) vulnerability in the Bamboo viewAgent.action resource.

            This issue is reported in our security advisory on this page:
            http://confluence.atlassian.com/x/lwH6Dw

            You can read more about XSS attacks at:

            * http://www.cgisecurity.com/xss-faq.html
            * http://www.cert.org/advisories/CA-2000-02.html

              vosipov VitalyA
              pwatson paulwatson (Inactive)
              Affected customers:
              0 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: