Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 5.7.3, 5.7-OD-47-038
Affects Version/s: 5.7.1
Component/s: None
Labels:
- affects-server
- csrf
- editor
- security
- xsrf

CVSS Score:
5
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Potential XSRF vulnerability in tasks. No atl-token is present in the request to complete a task which suggests an attacker may be able to craft a cross site request forgery and action a task without the correct authorisation.

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Tung Dang

Reporter:: Dee (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 26/Feb/2015 12:09 AM

Updated:: 11/Oct/2018 8:46 AM

Resolved:: 20/Mar/2015 7:04 AM