Versions Compared

Old Version 4

changes.mady.by.user Metin Savignano

Saved on

compared with

New Version 5

changes.mady.by.user Metin Savignano

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website.

Background

Cross-site request forgery (also known as Site Request Forgery (CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other. When a user visits the affected web page, the Javascript executes within that user’s browser in the context of this domain. From here, an attacker could carry out additional actions that the user is able to perform, including accessing any of the user's data and modifying information within the user’s permissionsan attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. With the help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing.

Business Impact

If executed while an administrator is logged on to Jira, Confluence or Bitbucket, an attacker could use exploit the vulnerability to modify the configuration of the S/Notify app on that host. This can especially lead to email notifications being no longer encrypted when they should be.

...

The injection could be initiated by the user clicking a malicious link in an email or by visiting a malicious website.

Background

Cross-site request forgery (also known as Site Request Forgery (CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other. When a user visits the affected web page, the Javascript executes within that user’s browser in the context of this domain. From here, an attacker could carry out additional actions that the user is able to perform, including accessing any of the user's data and modifying information within the user’s permissionsan attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. With the help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing.

Business Impact

If executed while the user is logged on to Jira, Confluence or Bitbucket, an attacker could use exploit the vulnerability to upload a specifically crafted S/MIME certificate or PGP key for the user, which would then be used to encrypt the email to that user. However, since this modification would lead to the user no longer being able to decrypt and read their notifications, the attack would not go unnoticed for long.

...