Loading...

Log in Skip to main content Skip to sidebar

Loading…

Dashboards
Projects
Issues

Give feedback to Atlassian
Help
Log In

Export - CSV (All fields)

Export - CSV (Current fields)

Choose a delimiter

Comma (,)

Semicolon (;)

Vertical bar (|)

Caret (^)

XWIKI-23247
HQL injection via wiki and space search REST API
XWIKI-23151
PDF export jobs store sensitive cookies unencrypted in job statuses
XWIKI-23096
Reflected XSS vulnerability in extension and job_status_json templates
XWIKI-22859
Users with just edit right can enforce required rights with programming right
XWIKI-22811
Any user with edit right can access all user's password hashes or other accessible password properties through Database List Properties
XWIKI-22810
Passwords and emails stored in fields not named password/email exposed in xml.vm
XWIKI-22799
Required rights analyzers of the raw, HTML and cache macro are case-sensitive
XWIKI-22763
No required right warnings about wiki syntax in macro parameters with wiki syntax
XWIKI-22760
Remote code execution through default value of wiki macro wiki-type parameters
XWIKI-22759
No required right warnings about wiki syntax in the content macro's source parameter
XWIKI-22758
No required right warnings about wiki syntax in the context macro's source parameter
XWIKI-22736
Title of inaccessible pages available through the class property values REST API
XWIKI-22719
Remote code execution through preview of XClass changes in AWM editor
XWIKI-22490
The WikiManager REST API allows any user to create wikis
XWIKI-22487
Open redirect through HTML conversion request filter
XWIKI-22476
No required right warnings for XClass definitions
XWIKI-22474
The Solr script service doesn't take dropped programming right into account
XWIKI-22471
No warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right
XWIKI-22470
No warning when granting XWiki.Notifications.Code.NotificationDisplayerClass admin right
XWIKI-22462
The lesscss script service allows cache clearing without programming right
XWIKI-22460
No warning when granting XWiki.ComponentClass programming right
XWIKI-22139
Upgrade to dompurify 3.1.1
XWIKI-22030
Remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
XWIKI-22002
The required rights analysis doesn't consider TextAreas with default content type
XWIKI-21890
Remote code execution through the extension sheet
XWIKI-21810
XSS through XClass name in string properties
XWIKI-21663
Scheduler in subwiki allows scheduling operations for any main wiki user
XWIKI-21626
XSS through conflict resolution
XWIKI-21611
Disabling a user account changes its author, allowing RCE from user account
XWIKI-21474
Remote code execution from account via SearchSuggestSourceSheet
XWIKI-21473
Remote code execution from account via SearchSuggestConfigSheet
XWIKI-21472
Remote code execution via DatabaseSearch
XWIKI-21471
Remote code execution through space title and Solr space facet
XWIKI-21438
Remote code execution from view right on Panels.PanelLayoutUpdate
XWIKI-21416
CSRF remote code execution through scheduler job's document reference
XWIKI-21411
Privilege escalation (PR) from edit in multilingual wikis via translations
XWIKI-21337
Privilege escalation (PR) from user registration through PDFClass
XWIKI-21335
Privilege escalation (PR) from account through UIExtension parameters
XWIKI-21208
Solr search discloses password hashes of all users
XWIKI-21207
RCE from script right in configurable sections
XWIKI-21200
RCE from account through SearchAdmin
XWIKI-21194
Remote code execution through class name in configurable section
XWIKI-21173
RCE via first name in user registration
XWIKI-21167
XSS/CSRF RCE in XWiki.ConfigurableClass
XWIKI-21138
Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service
XWIKI-21122
Remote code execution/programming rights through document reference with configuration section from edit right
XWIKI-21121
Remote code execution/programming rights through heading of configuration sections with edit rights
XWIKI-21095
RXSS through revision parameter in content menu
XWIKI-20962
XSS from account in the create page form via template provider
XWIKI-20961
XSS with edit right in the create document form for existing pages

Refresh results

{"errorMessages":["You are not authorised to perform this operation. Please log in."],"errors":{}}

[{"id":-1,"name":"My open issues","jql":"assignee = currentUser() AND resolution = Unresolved order by updated DESC","isSystem":true,"sharePermissions":[],"requiresLogin":true},{"id":-2,"name":"Reported by me","jql":"reporter = currentUser() order by created DESC","isSystem":true,"sharePermissions":[],"requiresLogin":true},{"id":-4,"name":"All issues","jql":"order by created DESC","isSystem":true,"sharePermissions":[],"requiresLogin":false},{"id":-5,"name":"Open issues","jql":"resolution = Unresolved order by priority DESC,updated DESC","isSystem":true,"sharePermissions":[],"requiresLogin":false},{"id":-9,"name":"Done issues","jql":"statusCategory = Done order by updated DESC","isSystem":true,"sharePermissions":[],"requiresLogin":false},{"id":-3,"name":"Viewed recently","jql":"issuekey in issueHistory() order by lastViewed DESC","isSystem":true,"sharePermissions":[],"requiresLogin":false},{"id":-6,"name":"Created recently","jql":"created >= -1w order by created DESC","isSystem":true,"sharePermissions":[],"requiresLogin":false},{"id":-7,"name":"Resolved recently","jql":"resolutiondate >= -1w order by updated DESC","isSystem":true,"sharePermissions":[],"requiresLogin":false},{"id":-8,"name":"Updated recently","jql":"updated >= -1w order by updated DESC","isSystem":true,"sharePermissions":[],"requiresLogin":false}]

0.3

0

Atlassian Jira Project Management Software
About Jira
Report a problem

Powered by a free Atlassian Jira open source license for XWiki.org. Try Jira - bug tracking software for your team.