Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Atlassian Confluence Server < 5.2 Multiple Vulnerabilities

Medium

Synopsis

The remote Confluence server is affected by multiple vulnerabilities.

Description

Versions of Confluence prior to 5.2 are affected by multiple vulnerabilities :

- A flaw exists as HTTP requests to 'restructureattachments.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a Cross-Site Request Forgery (CSRF/XSRF) attack causing the victim to restructure jobs. (OSVDB 124954) - A flaw exists as HTTP requests to 'admin/fixCaseInSpacePermissions.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to manipulate settings. (OSVDB 124955) - A flaw exists as HTTP requests to 'admin/osuser2atluser.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to perform user transfer actions. (OSVDB 124956) - A flaw exists as HTTP requests to 'admin/createMissingPersonalInfo.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to build personal information objects. (OSVDB 124957) - A flaw exists as HTTP requests to 'admin/dev/usermacros.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to manipulate user macros. (OSVDB 124958) - A flaw exists as HTTP requests to 'admin/dev/shortcuts.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to manipulate shortcuts. (OSVDB 124959) - A flaw exists as HTTP requests to 'admin/migratelocalgroups.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to perform local group migration recovery actions. (OSVDB 124960) - A flaw exists as HTTP requests to 'admin/fixCaseInNotifications.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to perform notification fix actions. (OSVDB 124961) - A flaw exists as HTTP requests to 'admin/fixcwdmemberships.jsp' do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a CSRF / XSRF attack causing the victim to perform membership repair actions. (OSVDB 124962) - A flaw exists that allows a stored cross-site scripting (XSS) attack. This flaw exists because the program does not validate input in space keys before returning it to users. This may allow an authenticated, remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. (OSVDB 134832)

Solution

Upgrade to Confluence version 5.2 or later.