[JSWSERVER-5642] Cross Site Scripting Vulnerabilities

Type: Bug
Resolution: Fixed
Priority: Medium (View bug fix roadmap)
Fix Version/s: 5.9.8
Affects Version/s: None
Component/s: None
Labels:

Bug Fix Policy:
View Atlassian Server bug fix policy

We have identified and fixed several reflected and persisted cross-site scripting (XSS) vulnerabilities that affect GreenHopper instances, including publicly available instances (that is, Internet-facing servers). XSS vulnerabilities allow an attacker to embed their own JavaScript into a GreenHopper page.

More details are available in the advisory at https://confluence.atlassian.com/display/GH/GreenHopper+Security+Advisory+2012-08-21

causes: SCT-129 Failed to load

mentioned in: GreenHopper Security Advisory 2012-08-21; GreenHopper Security Advisory 2012-08-21; Page No Confluence page found with the given URL.; GreenHopper Security Advisory 2012-08-21; Page Loading...; Page Loading...; Wiki Page Loading...; Wiki Page Loading...

(4 mentioned in)

Owen made changes - 16/Oct/2018 1:06 AM

Workflow	Original: JAC Bug Workflow v2 [ 2854013 ]	New: JAC Bug Workflow v3 [ 2934800 ]
Status	Original: Resolved [ 5 ]	New: Closed [ 6 ]

Owen made changes - 25/Sep/2018 12:50 AM

Workflow

Original: JIRA Bug Workflow w Kanban v7 - Restricted [ 2546148 ]

New: JAC Bug Workflow v2 [ 2854013 ]

Ignat (Inactive) made changes - 01/Feb/2018 12:09 PM

Workflow

Original: JIRA Bug Workflow w Kanban v6 - Restricted [ 1550480 ]

New: JIRA Bug Workflow w Kanban v7 - Restricted [ 2546148 ]

Owen made changes - 07/Jul/2016 7:05 AM

Workflow

Original: JIRA Bug Workflow w Kanban v6 [ 909815 ]

New: JIRA Bug Workflow w Kanban v6 - Restricted [ 1550480 ]

Tony Starr made changes - 06/Oct/2015 11:19 PM

Remote Link