Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 5.2.3
Affects Version/s: 3.2, 3.3, 3.4, 3.5, 4.3.7
Component/s: Content - Blueprints / Templates
Labels:

Support reference count:
2
Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

If anonymous access is enabled under "Global Permissions", anonymous users can view the "Templates" section of the administration panel, as in:

<server-base-url>/pages/templates/listpagetemplates.action
<server-base-url>/pages/templates2/listpagetemplates.action?key=
<server-base-url>/pages/templates2/viewpagetemplate.action?entityId=<template-id>&key=

Links to the rest of the administration panel are displayed, although the user is prompted to log in (and enter WebSudo credentials) when clicking them. In addition, the names of template owners are visible (but not their hover profiles).

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

c99.php
162 kB
26/Oct/2014 2:50 PM

Activity

People

Assignee:: Unassigned

Reporter:: TonyA

Votes:: 3 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 06/Apr/2011 5:46 PM

Updated:: 11/Oct/2018 8:44 AM

Resolved:: 27/Feb/2017 11:00 PM