Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 2.11.2, 2.12.0
Affects Version/s: 2.9.5, 2.10.2, 2.11.1
Component/s: None
Labels:

Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

The version of the bundled Atlassian OAuth plugin was vulnerable to Server Side Request Forgery (SSRF). This allowed a XSS and or a SSRF attack to be performed. More information about the Atlassian OAuth plugin issue see https://ecosystem.atlassian.net/browse/OAUTH-344 .

Attachments

Issue Links

is caused by: OAUTH-286 Loading...

is duplicated by: KRAK-504 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...

relates to: OAUTH-344 Loading...

(1 relates to)

Activity

People

Assignee:: Lukasz Pater

Reporter:: Robbie (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Due:: 16/May/2017

Created:: 21/Mar/2017 8:59 PM

Updated:: 19/Aug/2019 8:01 AM

Resolved:: 31/Mar/2017 12:58 PM