Some URLs were vulnerable to XSS. This was reported through the Bug Bounty program and ranked at the P3 severity level.
Please upgrade to the 9.0.9 version to fix them.
Subversion ALM is enrolled in Atlassian's Bug Bounty program, and some vulnerable locations were reported by the Bugcrowd organization. The atls_token is now required at many locations in Subversion ALM to protect against data modification via CSRF attacks. The vulnerability has been ranked at the P2 severity level.
Please upgrade to the 9.0.8 version to fix them.
More XSS and IDOR vulnerabilities were reported and fixed in this third round by the same team of ethical hackers.
Please upgrade to the 9.0.7 version to fix all of them.
More XSS vulnerabilities were reported and fixed in this second round by the same team of ethical hackers.
Please upgrade to the 9.0.6 version to fix all of them.
We contracted ethical Russian hackers to look for vulnerabilities in our apps. After their research, they reported a number of vulnerable URLs that a malicious Jira user could exploit to perform XSS attacks.
All of them have been fixed in the 9.0.5 version. You are strongly encouraged to upgrade ASAP.
On 2020-02-20, SySS, a company specialized in penetration testing, kindly reported to us three vulnerable URLs affecting the Subversion ALM app for Server and Data Center editions.
The vulnerability has been fixed in the 8.8.2 version, so all previous versions are vulnerable. You are strongly encouraged to upgrade to the latest version of Subversion ALM ASAP; upgrading to the 8.8.2 version resolves the issue.
The vulnerability can be exploited from the built-in Web Client for Subversion (formerly Polarion) by supplying XSS code in some URL parameters. This causes an internal error, and the subsequent message dialog executes the malicious code in the user's browser.
It has been rated as a MEDIUM security risk level by SySS.