Crowd Data Center: CWD-2950

Crowd leaks the value of the HTTP only 'crowd.token_key' cookie on the crowd/console/500.jsp page


Description

cert.fr@cassidian.com reported the following vulnerability:

== Type ==
Information Disclosure

== Product ==
Atlassian Crowd

== Severity ==
Medium

== Description ==
The crowd.token_key cookie, used as a token to authenticate on all Atlassian applications, is marked as HttpOnly.
However, the Crowd 500 error page (/crowd/console/500.jsp) displays this cookie's value, breaking the HttpOnly behavior.

People

akunday (ArvindA)
dblack (David Black)

Votes: 0
Watchers: 6