Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 2.6.5
Affects Version/s: None
Component/s: None
Labels:
- security

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

The Crowd webapp and OpenID Server should protect their login page against CSRF attacks. This prevents attacks where a user is logged in under another set of credentials without their permission, or cases where a client is tricked into helping with brute force attacks.

Attachments

Activity

People

Assignee:: Caspar Krieger (Inactive)

Reporter:: joe

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 03/Jul/2013 5:20 AM

Updated:: 15/Aug/2019 7:04 AM

Resolved:: 05/Aug/2013 4:12 AM