Documentation for GreenHopper 6.2.x. Documentation for other versions of JIRA Agile is available too.
GreenHopper is now called JIRA Agile. Learn more.
In this advisory:
XSS Vulnerabilities
深刻度
Atlassian rates these vulnerabilities as high, according to the scale published in Severity Levels for Security Issues. The scale allows us to rank a vulnerability as critical, high, moderate or low.
Risk Assessment
We have identified and fixed several cross-site scripting (XSS) vulnerabilities in GreenHopper, which may affect JIRA instances that are running the GreenHopper plugin. These vulnerabilities have security implications and are especially important for anyone running publicly accessible instances of JIRA/GreenHopper.
- An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to the attacker's own web server. The attacker could potentially then gain control over the underlying JIRA system and/or the underlying operating system, based on the privileges of the user whose credentials had been stolen.
- An attacker's text and script might be displayed to other people viewing a GreenHopper page. This is potentially damaging to your company's reputation.
You can read more about XSS attacks at cgisecurity, CERT and other places on the web.
Vulnerability
All versions of GreenHopper are affected by these XSS vulnerabilities.
An attacker can inject their own JavaScript into the following GreenHopper pages:
- 'Add Version' popup
- /secure/Configuration.jspa
- /secure/GetBoardForIssue.jspa
- /secure/GHAddIssue.jspa
- /secure/SetCCBStartDate.jspa
Risk Mitigation
We strongly recommend upgrading your GreenHopper plugin to fix these vulnerabilities. Please see the 'Fix' section below.
修正
These issues have been fixed in:
- GreenHopper 4.4.1 (which is compatible with JIRA 4.1.x) and
- GreenHopper 4.3.2 (which is compatible with JIRA 4.0.x).
Visibility of Project and Version names to non-logged-in users
深刻度
Atlassian rates this vulnerability as moderate, according to the scale published in Severity Levels for Security Issues. The scale allows us to rank a vulnerability as critical, high, moderate or low.
Risk Assessment
We have identified and fixed a vulnerability in GreenHopper, which may affect JIRA instances that are running the GreenHopper plugin. The vulnerability allows the list of Projects and Versions to be viewed by users who are not logged in to JIRA/GreenHopper.
- The name of a project might be visible to unauthorised users.
- The names of versions in a project might be visible to unauthorised users.
Vulnerability
All versions of GreenHopper are affected by this visibility vulnerability.
A user who is not logged in to JIRA/GreenHopper can see project names and version names in the drop-down lists on the GreenHopper 'Planning Board', 'Task Board', 'Release Board' or 'Charts Board'.
Risk Mitigation
We strongly recommend upgrading your GreenHopper plugin to fix this vulnerability. Please see the 'Fix' section below.
修正
These issues have been fixed in:
- GreenHopper 4.4.1 (which is compatible with JIRA 4.1.x) and
- GreenHopper 4.3.2 (which is compatible with JIRA 4.0.x).
概要
コンテンツ ツール
アプリ
Log a request with our support team.
Raise an issue for our developers.
See answers from the community.
Tweet, blog and update our documentation.
Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.