[BAM-19708] The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227 - Create and track feature requests for Atlassian products.

XML

Word

Printable

Details

Type: Bug
Status: Resolved (View Workflow)
Priority: Medium
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 6.5.0
Component/s: None
Labels:

Last commented by user?:
true
Comments:
1
Symptom Severity:
Severity 1 - Critical
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

The version of the bundled Atlassian Application Links plugin was vulnerable to XSS. See https://ecosystem.atlassian.net/browse/APL-1361 for more details.

Attachments

Issue Links

is related to

JRASERVER-66827 The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227

Closed

APL-1356 Loading...

APL-1361 Loading...

Activity

People

Assignee:

Alexey Chystoprudov

Reporter:

SecurityB

Participants:

Alexey Chystoprudov, SecurityB

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Due:

19/Apr/2018

Created:

22/Feb/2018 5:21 AM

Updated:

24/Oct/2018 5:01 AM

Resolved:

23/Feb/2018 8:55 AM

Last commented:

1 year, 13 weeks, 1 day ago