Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Component/s: None
Labels:

CVSS Score:
5
Bug Fix Policy:
View Atlassian Cloud bug fix policy

Description

Any page can be deleted if a user with sufficient privileges to delete the page clicks an attacker controlled link, or views an image at an attack controller URL.

/pages/doremoveblogpost.action?pageId=<page to delete>

Attachments

Activity

People

Assignee:: Dougall Johnson

Reporter:: Dougall Johnson

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 23/Aug/2013 1:38 AM

Updated:: 22/Aug/2019 4:08 AM

Resolved:: 03/Sep/2013 2:14 AM