[HTTP-3] Content spoofing through the application/mathml+xml content-type in the Mozilla Firefox Browser - CVE-2017-18103 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Medium
Labels:

Last commented by user?:
true

The atlassian-http library, as used in various Atlassian products, before version 2.0.2 allows remote attackers to spoof web content in the Mozilla Firefox Browser through uploaded files that have a content-type of application/mathml+xml.

is related to

BAM-19824 The bundled atlassian-http library had a content spoofing issue - CVE-2017-18103

Closed

BSERV-10740 The bundled atlassian-http library had a content spoofing issue - CVE-2017-18103

Closed

CONFSERVER-54906 Content spoofing in the attachment resource in the Firefox browser - CVE-2018-13389

Closed

CONFSERVER-55328 The bundled atlassian-http library had a content spoofing issue - CVE-2017-18103

Closed

CRUC-8214 The bundled atlassian-http library had a content spoofing issue - CVE-2017-18103

Closed

FE-7068 The bundled atlassian-http library had a content spoofing issue - CVE-2017-18103

Closed

JRASERVER-67612 The bundled atlassian-http library had a content spoofing issue - CVE-2017-18103

Closed

(2 is related to)

Form Name

No work has yet been logged on this issue.

Assignee:: David Black

Reporter:: David Black

Participants:: David Black

Affected customers:: 0 This affects my team

Watchers:: 1 Start watching this issue

Created:: 18/Jul/2018 4:36 AM

Updated:: 18/Jul/2018 5:59 AM

Resolved:: 18/Jul/2018 4:50 AM

Last commented:: 6 years, 41 weeks, 5 days ago

Details

Description

Attachments

Issue Links

Forms

Activity

[HTTP-3] Content spoofing through the application/mathml+xml content-type in the Mozilla Firefox Browser - CVE-2017-18103

People

Dates