Confluence Security Advisory 2006-01-23
Confluence Security Overview and Advisories
- Confluence Community Security Advisory 2006-01-19
- Confluence Security Advisory 2005-02-09
- Confluence Security Advisory 2005-12-05
- Confluence Security Advisory 2006-01-20
- Confluence Security Advisory 2006-01-23
- Confluence Security Advisory 2006-06-14
- Confluence Security Advisory 2007-07-26
- Confluence Security Advisory 2007-08-08
- Confluence Security Advisory 2007-11-19
- Confluence Security Advisory 2007-11-27
- Confluence Security Advisory 2007-12-14
- Confluence Security Advisory 2008-01-24
- Confluence Security Advisory 2008-03-06
- Confluence Security Advisory 2008-03-19
- Confluence Security Advisory 2008-05-21
- Confluence Security Advisory 2008-07-03
- Confluence Security Advisory 2008-09-08
- Confluence Security Advisory 2008-10-14
- Confluence Security Advisory 2008-12-03
- Confluence Security Advisory 2009-01-07
- Confluence Security Advisory 2009-02-18
- Confluence Security Advisory 2009-04-15
- Confluence Security Advisory 2009-06-01
- Confluence Security Advisory 2009-06-16
- Confluence Security Advisory 2009-08-20
- Confluence Security Advisory 2009-10-06
- Confluence Security Advisory 2009-12-08
- Confluence Security Advisory 2010-05-04
- Confluence Security Advisory 2010-06-02
- Confluence Security Advisory 2010-07-06
- Confluence Security Advisory 2010-08-17
- Confluence Security Advisory 2010-09-21
- Confluence Security Advisory 2010-10-12
- Confluence Security Advisory 2010-11-15
- Confluence Security Advisory 2011-01-18
- Confluence Security Advisory 2011-03-24
- Confluence Security Advisory 2011-05-31
- Confluence Security Advisory 2012-05-17
- Confluence Security Advisory 2012-09-04
- Confluence Security Advisory 2012-09-11
- Confluence Security Advisory 2013-08-05
- Confluence Security Advisory 2014-02-26
- Confluence Security Advisory 2014-05-21
- Confluence Security Advisory - 2015-01-21
- Confluence Security Advisory - 2016-09-21
- Confluence Security Advisory - 2017-04-19
- Confluence Security Advisory - 2019-03-20
- Confluence Security Advisory - 2019-04-17
- Confluence Security Advisory - 2019-08-28
- Confluence Security Advisory - 2019-12-18
- Confluence Security Advisory - 2021-08-25
- Multiple Products Security Advisory - Unrendered unicode bidirectional override characters - CVE-2021-42574 - 2021-11-01
- Multiple Products Security Advisory - Hazelcast Vulnerable To Remote Code Execution - CVE-2016-10750
- Confluence Security Advisory 2022-06-02
- Questions For Confluence Security Advisory 2022-07-20
On this page
Related content
- The Mail Queue
- Health Check: Mail Error Queue
- Health Check: Mail Queue
- Confluence fails to send emails with User Unknown error when using Exchange and the number of failures is displayed in the Error Queue
- Email Messages Are Not Sent Due to 'java.lang.ClassCastException com.atlassian.confluence.mail.template.ConfluenceMailQueueItem'
- Configuring a Server for Outgoing Mail
- Configuring a Server for Outgoing Mail
- How to get the message id of the email notification that is sent successfully from confluence, but not received in the mail box of the user
- Unable to Receive Email Notifications From Confluence
- 554 Relay Rejected for Policy Reasons Errors when Sending Mail from Confluence
A flaw has been found in Confluence by which the unrestricted content of a space can be revealed in search results.
Vulnerability
By entering in a space key and blank query string into the Search macro, pages from the specified space will be displayed, without filtering on page and space permissions. This can allow unpermitted users to view the excerpts of pages they don't have access to.
This flaw is confirmed to affect all releases from 1.4 to 2.1.2.
More information is available at CONF-5189.
Fix
This vulnerability is fixed in Confluence 2.1.3 and later. We strongly suggest that customers upgrade to this release to fix the vulnerability.
Customers who are using 1.4.x and do not wish to upgrade can download a patched class from CONF-5198.
Last modified on Jan 20, 2006
Related content
- The Mail Queue
- Health Check: Mail Error Queue
- Health Check: Mail Queue
- Confluence fails to send emails with User Unknown error when using Exchange and the number of failures is displayed in the Error Queue
- Email Messages Are Not Sent Due to 'java.lang.ClassCastException com.atlassian.confluence.mail.template.ConfluenceMailQueueItem'
- Configuring a Server for Outgoing Mail
- Configuring a Server for Outgoing Mail
- How to get the message id of the email notification that is sent successfully from confluence, but not received in the mail box of the user
- Unable to Receive Email Notifications From Confluence
- 554 Relay Rejected for Policy Reasons Errors when Sending Mail from Confluence
Powered by Confluence and Scroll Viewport.