Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Found the Bug while executed (VAPT) Vulnerability Assessment and Penetration Testing

Raj Prajapati
Raj Prajapati December 28, 2020

Dear Team,

As we have deployed the License version for Confluence Application on Server premises

License ID - (SEN-20218955).

This is regards to found the bugs for VAPT scanning which we have  deployed application on Windows server, hence we are looking out solutions as we found the bugs for confluence application.

Requesting you please have look and also assign some person which can contact us for further investigation and solutions.

 

NameRisk LevelNumber of InstancesDetailsRemarks
CSP: Wildcard DirectiveMedium44Details are attached in VAPT Reports 
Vulnerable JS LibraryMedium19Details are attached in VAPT Reports 
Absence of Anti-CSRF TokensLow38Details are attached in VAPT Reports 
Cookie No HttpOnly FlagLow23Details are attached in VAPT Reports 
Cookie Without SameSite AttributeLow25Details are attached in VAPT Reports 
Private IP DisclosureLow40Details are attached in VAPT Reports 
X-Content-Type-Options Header MissingLow86Details are attached in VAPT Reports 
Information Disclosure - Sensitive Information in URLInformational1Details are attached in VAPT Reports 
Information Disclosure - Suspicious CommentsInformational118Details are attached in VAPT Reports 
Timestamp Disclosure - UnixInformational326Details are attached in VAPT Reports 

Please Note - There is no attachment options for VAPT Scanning details reports.

Many Thanks.

Raj Prajapati

Mob +91 9892668573

Answer
Watch
Like Be the first to like this
829 views

1 answer

0 votes
Daniel Ebers
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 28, 2020

Hi Raj,

the prodecure as for security issues with Atlassian is as follows:

Cheers,
Daniel

View More Comments
Raj Prajapati
Raj Prajapati January 19, 2021

Hi Daniel,

As per above issue we have also updated the above latest version but still VAPT scanning showing Vulnerability  exist in the system.

Can i get valuable support to resolve that issue.

Thanks

Raj Prajapati

Like
Daniel Ebers
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 19, 2021

Hi @Raj Prajapati

there is no support here - this is Community where users help users.
This topic seems to me being full of more specific questions which you could direct to Atlassian Support - if an upgrade did not help.

https://support.atlassian.com/contact

Regards,
Daniel

Like
Raj Prajapati
Raj Prajapati January 19, 2021

Hi @Daniel Ebers 

Then how we can raise the bugs with Support Teams, as per security aspect thats are very major bugs which they have to resolve.

Please help us to raise the bugs to Support Teams.

Regards,

Raj 

Like
Daniel Ebers
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 19, 2021

I pasted in a link in the answer above - you fill out a form and get a reply.
https://support.atlassian.com/contact

Like
Raj Prajapati
Raj Prajapati January 19, 2021

I have gone through given url but again raising ticket to community groups only.

Can you please show us the way to raise the ticket through confluence developer?

I will be appreciated for your help.

Regards,

Raj 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.