[CONFSERVER-14275] HTTP Header Injection vulnerability: os_destination value not properly escaped when used as redirect location - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 2.10.2
Affects Version/s: None
Component/s: None
Labels:
- security

Bug Fix Policy:
View Atlassian Server bug fix policy

Issue to track the Seraph security vulnerability, SER-127, and including the fix in Confluence (once it is fixed).

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

atlassian-seraph-0.38.3.jar
146 kB
17/Feb/2009 4:31 AM

Assignee:: Andrew Lynch (Inactive)

Reporter:: Matt Ryall

Affected customers:: 0 This affects my team

Watchers:: 4 Start watching this issue

Created:: 23/Jan/2009 3:39 AM

Updated:: 30/Mar/2022 7:11 AM

Resolved:: 03/Feb/2009 2:34 AM