Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Won't Fix
Priority: Highest
Fix Version/s: None
Affects Version/s: 3.0
Component/s: None
Labels:

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administrators, for requests that logout the user via a comment.

Attachments

Issue Links

mentioned in: Wiki Page Loading...; Wiki Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Robert Gilbert

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 27/Jun/2011 11:56 PM

Updated:: 22/Jul/2020 11:12 PM

Resolved:: 25/Jul/2012 2:07 AM