Crowd 2.0 : Crowd Security Advisory 2008-10-14 - Parameter Injection Vulnerability
This page last changed on Oct 13, 2008 by smaddox.
In this advisory: Parameter Injection Vulnerability in Crowd

Severity

Atlassian rates this vulnerability as critical, according to the scale published in Crowd Security Advisories and Fixes. The scale allows us to rank a vulnerability as critical, high, moderate or low.

Risk Assessment

We have identified and fixed a flaw which would allow a malicious user (hacker) to inject their own values into a Crowd request by adding parameters to the URL string. This would allow a hacker to bypass Crowd's security checks and perform actions that they are not authorised to perform.

Risk Mitigation

To address the issue, you should upgrade Crowd as soon as possible. Please follow the instructions in the 'Fix' section below. If you judge it necessary, you can block all untrusted IP addresses from accessing Crowd.

Vulnerability

A hacker can design a URL string containing parameters which perform specific actions on the Crowd server, bypassing Crowd's security checks. This is because Crowd does not adequately sanitise user input before applying it as an action on the server. Exploiting this issue could allow an attacker to access or modify data and compromise the Crowd application.

The following Crowd versions are vulnerable: all versions from 1.0 to 1.5.0 inclusive.

Fix

Please download the relevant upgrade file for your version of Crowd from the download centre as follows:
Document generated by Confluence on Jul 30, 2009 01:29