Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 2.10.3
Affects Version/s: 2.3
Component/s: None
Labels:

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

An attacker can craft a specific attachment filename, or rename the file once it has been uploaded to introduce arbitrary headers into the response stream

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

Picture 64.png
37 kB
26/Feb/2009 12:44 AM
HeaderSanitisingResponseWrapper.class
3 kB
15/Apr/2009 1:29 AM
HeaderSanitisingFilter.class
2 kB
15/Apr/2009 1:29 AM

Activity

People

Assignee:: Andrew Lynch (Inactive)

Reporter:: David Cheney (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 26/Feb/2009 12:44 AM

Updated:: 11/Oct/2018 8:53 AM

Resolved:: 24/Mar/2009 5:18 AM