Uploaded image for project: 'Content Formatting Development'
  1. Content Formatting Development
  2. CONTENTF-105

Critical Security Vulnerability CVE-2018-7489

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Done
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 6.0.0, 6.0.1, 6.1.0, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.10, 6.0.11, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.2.0, 6.2.2, 6.2.3, 6.2.4
    • Fix Version/s: 6.2.5
    • Component/s: None
    • Labels:
      None
    • Critical Points:
      0

      Description

      A security vulnerability in Content Formatting for Confluence version 6.0.0 - 6.2.4 (inclusive) has been discovered. The vulnerability, CVE-2018-7489, is classified as critical according to Atlassian's security severity levels.

      We strongly recommend customers using an affected version update to version 6.2.5 of Content Formatting immediately.

      How to fix the vulnerability

      This vulnerability can be fixed by upgrading Content Formatting to 6.2.5 or above. Full instructions on how to upgrade an app can be found on Atlassian's support page. If you're unable to update immediately, we recommend disabling Content Formatting until you are able to do so.

      Adaptavist is committed to providing powerful, yet secure applications for Atlassian products and we are unaware of any instances of this vulnerability being exploited across our customer base. If you have urgent questions please contact our support team.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            jmort Jon Mort
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: