Bug
Resolution: Fixed
Low
3.0.1
The project avatar resource accepts a content type of MULTIPART_FORM_DATA, so a malicious attacker could use JavaScript on a foreign host to submit a form to a Stash server and trick a logged-in user's browser into changing the project avatar in Stash.
cc David Black [Atlassian] - is there any reason why Panopticon found the issue with the UserResource but not with the ProjectResource?
com.atlassian.stash.internal.rest.project.ProjectResource
POST rest/api/1.0/projects/{PROJECT_SLUG}/avatar.png

    // Accepts a multipart form body, which a browser will send cross-origin from a plain <form>.
    @POST
    @Consumes(MediaType.MULTIPART_FORM_DATA)
    @MultipartConfigClass(AvatarMultipartConfig.class)
    @Path(AVATAR_PATH)
    public Response uploadAvatar(@Context Project project,
                                 @Context UriInfo uriInfo,
                                 @MultipartFormParam("avatar") final FilePart file) {
        projectService.updateAvatar(project.getId(), new FilePartAvatarSupplier(file));
        return Response.noContent().build(); // assumed; the report truncates the method here
    }
Documentation must also be altered to tell users about the new requirement to set the X-Atlassian-Token header to the value "no-check".
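The header requirement works because a browser submitting an HTML form cannot attach custom request headers, so a cross-site form post can never carry X-Atlassian-Token while a legitimate client (the Stash UI or a REST script) can. The filter below is an added example of that check written against the JAX-RS 2 ContainerRequestFilter API; it is not Stash's own implementation, and the class name, the helper requiresToken, and the decision to cover application/x-www-form-urlencoded and text/plain alongside multipart/form-data (the other body types a plain form can produce) are assumptions that go beyond the single resource discussed in the issue.

```java
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import java.io.IOException;

/**
 * Added example (not Stash's code): rejects POST requests whose body type a
 * browser could have produced from a cross-origin HTML form, unless the caller
 * proves it is script (or a non-browser client) by sending the custom header
 * X-Atlassian-Token: no-check. HTML forms cannot set custom headers, so a
 * forged submission from a foreign origin always fails this check.
 */
@Provider
public class FormSubmissionCsrfFilter implements ContainerRequestFilter {

    // Header name and value the issue says the documentation must describe.
    static final String TOKEN_HEADER = "X-Atlassian-Token";
    static final String TOKEN_VALUE = "no-check";

    // Body types a browser sends for a <form> submission without any CORS preflight.
    // multipart/form-data is the one the avatar resource consumes; the other two
    // are an assumed generalisation to the remaining form encodings.
    private static final MediaType[] FORM_TYPES = {
            MediaType.MULTIPART_FORM_DATA_TYPE,
            MediaType.APPLICATION_FORM_URLENCODED_TYPE,
            MediaType.TEXT_PLAIN_TYPE
    };

    @Override
    public void filter(ContainerRequestContext ctx) throws IOException {
        if (!requiresToken(ctx.getMethod(), ctx.getMediaType())) {
            return; // not form-submittable; other CSRF defences (if any) apply
        }
        String token = ctx.getHeaderString(TOKEN_HEADER);
        if (!TOKEN_VALUE.equalsIgnoreCase(token)) {
            // Abort before the resource method runs, so the avatar is never changed.
            ctx.abortWith(Response.status(Response.Status.FORBIDDEN)
                    .entity("Missing " + TOKEN_HEADER + ": " + TOKEN_VALUE + " header")
                    .type(MediaType.TEXT_PLAIN_TYPE)
                    .build());
        }
    }

    /**
     * True when the method and media type are ones a cross-site HTML form could
     * produce. Only POST is form-submittable; GET is read-only and out of scope.
     * isCompatible() ignores parameters such as the multipart boundary.
     */
    static boolean requiresToken(String method, MediaType mediaType) {
        if (!"POST".equalsIgnoreCase(method)) {
            return false;
        }
        if (mediaType == null) {
            return true; // fail closed when no Content-Type is declared
        }
        for (MediaType formType : FORM_TYPES) {
            if (formType.isCompatible(mediaType)) {
                return true;
            }
        }
        return false;
    }
}
```

Registering the filter as a provider puts the check in front of every resource, so a second multipart endpoint (the UserResource avatar upload mentioned in the comment) is covered without each resource having to remember it. A JSON POST from script is not form-submittable and passes untouched, which is why the header only needs to be documented for form-style uploads.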