Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 5.10.4, 5.9.14
Affects Version/s: 5.9.11, 5.8.18, 5.7.6
Component/s: User - Profile
Labels:
- affects-server
- csrf
- cvss-medium
- security
- xsrf

Support reference count:
1
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Steps to Reproduce:

In Confluence, visit the "My Profile" page (<confluence-url>/users/viewuserprofile.action)
Click "Edit Profile"
Note that no atl_token is present in the URL.
Click "Settings" (<confluence-url>/users/viewmysettings.action)
Click "Edit"
Note that the atl_token value is present in the URL.

Cause

Some forms are rendered as having the method GET rather than the method POST

Security implications

It is only an exploitable security issue if an attacker can get somehow get a resource that includes the token in the URL to access one of their resources or similar such that the referer of the request contains the csrf token.

Attachments

Issue Links

is related to

JRASERVER-61250 JIRA puts a user's XSRF token in various resources.

Gathering Impact

mentioned in: Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Denise Unterwurzacher [Atlassian] (Inactive)

Reporter:: Dave Norton

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Due:: 02/Aug/2016

Created:: 31/May/2016 3:21 AM

Updated:: 11/Oct/2018 8:49 AM

Resolved:: 02/Aug/2016 4:42 PM