Uploaded image for project: 'Content Formatting Development'
  1. Content Formatting Development
  2. CONTENTF-105

Critical Security Vulnerability CVE-2018-7489

    Details

    • Type: Bug
    • Status: Done (View Workflow)
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 6.0.0, 6.0.1, 6.1.0, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.10, 6.0.11, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.2.0, 6.2.2, 6.2.3, 6.2.4
    • Fix Version/s: 6.2.5
    • Labels:
      None
    • Critical Points:
      0

      Description

      A security vulnerability in Content Formatting for Confluence version 6.0.0 - 6.2.4 (inclusive) has been discovered. The vulnerability, CVE-2018-7489, is classified as critical according to Atlassian's security severity levels.

      We strongly recommend customers using an affected version update to version 6.2.5 of Content Formatting immediately.

      How to fix the vulnerability

      This vulnerability can be fixed by upgrading Content Formatting to 6.2.5 or above. Full instructions on how to upgrade an app can be found on Atlassian's support page. If you're unable to update immediately, we recommend disabling Content Formatting until you are able to do so.

      Adaptavist is committed to providing powerful, yet secure applications for Atlassian products and we are unaware of any instances of this vulnerability being exploited across our customer base. If you have urgent questions please contact our support team.

        Attachments

          Structure

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              jmort Jon Mort
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Structure Helper Panel