Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-29672

/rest/likes/1.0/content does not check page permissions properly

    XMLWordPrintable

Details

    Description

      NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

      ID: CONF-001 - Information Exposure
      CWE ID: 200
      CWE Description: An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
      Additional description: One REST service (/rest/likes/1.0/content) doesn't (properly) authenticate requests. An anonymous user can request a list of 'likes' from arbitrary pages that aren't accessible for anonymous users. Confluence returns a list of Confluence usernames as well as full usernames that 'like' that page.
      This could help an attacker: By bruteforcing page_ID it's possible to obtain a list of usernames and full usernames of all persons that have 'liked' one or more pages.
      Affected URL(s):
      /rest/likes/1.0/content/<page_ID>/likes
      /rest/likes/1.0/content/<page_ID>/comment-likes

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONFCLOUD-29672 /rest/likes/1.0/content does not check page permissions properly

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              alwang Alice Wang (Inactive)
              cc0d5a24399e PeterMosmans
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: