-
Bug
-
Resolution: Fixed
-
Highest
-
4.2.1
-
None
-
Exists in online demonstration environment.
-
4.3
-
It is possible to anonymously enumerate all usernames via the script at /rest/prototype/1/search/user.json?max-results=10&query=XX. The 'query' GET parameter should contain at least two charakters. It is possible to enumerate all usernames by performing a search from 'query' value 'aa' to 'zz'.
When the following GET request is made:
GET /rest/prototype/1/search/user.json?max-results=10&query=si HTTP/1.1 Host: confluence.atlassian.com
The following answer is given:
HTTP/1.1 200 OK Date: Tue, 24 Apr 2012 13:32:11 GMT Cache-Control: no-cache, must-revalidate Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: application/json Keep-Alive: timeout=3, max=20 Connection: Keep-Alive Content-Length: 11707 {"totalSize":846,"result":[{"id":"254738536","type":"user","title":"Harshil Singhal","wikiLink":"[~hs39867]","createdDate":{"friendly":"Aug 22, 2011","date":"2011-08-22T21:52:45-0500"},"creator":{"links":[{"href":"https://confluence.atlassian.com/rest/prototype/1/user/system/anonymous","rel":"self"}],"avatarUrl":"/s/en_GB/3277/16/_/images/icons/profilepics/anonymous.png","anonymous":true,"displayName":"Anonymous"},"lastModifier":{"links":[{"href":"https://confluence.atlassian.com/rest/prototype/1/user/system/anonymous","rel":"self"}],"avatarUrl":"/s/en_GB/3277/16/_/images/icons/profilepics/anonymous.png","anonymous":true,"displayName":"Anonymous"},"username":"hs39867","thumbnailLink": [..]
- relates to
-
CONFSERVER-25350 '/users/userpicker.action' exposes users loginids and full names in instance with anonymous access enabled
-
- Closed
-
[CONFSERVER-25322] The vulnerability exists in the standalone and also in the online demonstration enviroment.
Workflow | Original: JAC Bug Workflow v3 [ 2875306 ] | New: CONFSERVER Bug Workflow v4 [ 3005002 ] |
Workflow | Original: JAC Bug Workflow v2 [ 2803288 ] | New: JAC Bug Workflow v3 [ 2875306 ] |
Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
Workflow | Original: JAC Bug Workflow [ 2735962 ] | New: JAC Bug Workflow v2 [ 2803288 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2389200 ] | New: JAC Bug Workflow [ 2735962 ] |
Labels | Original: affects-server bugfix cvss-medium loyalty security verified web-interface | New: affects-server cvss-medium loyalty security verified web-interface |
Labels | Original: affects-server bugfix cvss-medium security verified web-interface | New: affects-server bugfix cvss-medium loyalty security verified web-interface |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 2266596 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2389200 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2210306 ] | New: Confluence Workflow - Public Facing - Restricted v5 [ 2266596 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2196252 ] | New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2210306 ] |
Workflow | Original: Confluence Workflow - Public Facing - Restricted v5 [ 1925312 ] | New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2196252 ] |