2020-11-15

Some URLs were vulnerable to XSS. This has been reported by the Bug Bounty program and ranked as P3 severity level.

Please upgrade to the 9.0.9 version to fix them.

2020-11-12

Subversion ALM is subscribed to Atlassian’s Bug Bounty program and some vulnerable locations have been reported by the BugCrowd organization. Now, the atls_token is required from a lot of locations in Subversion ALM to protect against data modification via CSRF attacks. The vulnerability has been ranked with a P2 severity level

...