OAuth Administration screen is visible to anonymous users

XMLWordPrintable

      If anonymous user access is enabled under "Global Permission", user can access to "OAuth Administration" page without the need to log-in. Here is the URL to the page:

      <server-base-url>/plugins/servlet/oauth/view-consumer-info

      This page display Confluence administrators menu on the sidebar and other information such as:

      • Consumer Key
      • Name
      • Description
      • Public Key
      • Callback URL

              Assignee:
              Vu Truong Vo (Inactive)
              Reporter:
              Bernd Lindner
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: