CVE-2017-18041
https://notcve.org/view.php?id=CVE-2017-18041
The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release. El recurso viewDeploymentVersionJiraIssuesDialog en Atlassian Bamboo, en versiones anteriores a la 6.2.0, permite que atacantes remotos inyecten HTML o JavaScript arbitrario mediante una vulnerabilidad Cross-Site Scripting (XSS) en el nombre de una versión. • http://www.securityfocus.com/bid/103071 https://jira.atlassian.com/browse/BAM-19662 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-18040
https://notcve.org/view.php?id=CVE-2017-18040
The viewDeploymentVersionCommits resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release. El recurso viewDeploymentVersionCommits en Atlassian Bamboo, en versiones anteriores a la 6.2.0, permite que atacantes remotos inyecten HTML o JavaScript arbitrario mediante una vulnerabilidad Cross-Site Scripting (XSS) en el nombre de una versión. • http://www.securityfocus.com/bid/103070 https://jira.atlassian.com/browse/BAM-19661 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-18082
https://notcve.org/view.php?id=CVE-2017-18082
The plan configure branches resource in Atlassian Bamboo before version 6.2.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a branch. El recurso de ramas de configuración de plan en Atlassian Bamboo, en versiones anteriores a la 6.2.3, permite que atacantes remotos inyecten HTML o JavaScript arbitrario mediante una vulnerabilidad Cross-Site Scripting (XSS) en el nombre de una rama. • https://jira.atlassian.com/browse/BAM-19666 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-14589
https://notcve.org/view.php?id=CVE-2017-14589
It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their choice on systems that run a vulnerable version of Bamboo. All versions of Bamboo before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability. Era posible que ocurriese una evaluación doble de OGNL en las plantillas de FreeMarker con etiquetas Struts FreeMarker. Un atacante que cuente con derechos restringidos de administración en Bamboo o que aloje un sitio web que visite un administrador de Bamboo es capaz de explotar esta vulnerabilidad para ejecutar el código Java que elija en sistemas que ejecuten una versión vulnerable de Bamboo. • http://www.securityfocus.com/bid/102188 https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2017-12-13-939939816.html https://jira.atlassian.com/browse/BAM-18842 • CWE-20: Improper Input Validation •
CVE-2017-14590
https://notcve.org/view.php?id=CVE-2017-14590
Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. An attacker who has permission to create a repository in Bamboo, edit an existing plan that has a non-linked Mercurialrepository, create or edit a plan when there is at least one linked Mercurial repository that the attacker has permission to use, or commit to a Mercurial repository used by a Bamboo plan which has branch detection enabled can execute code of their choice on systems that run a vulnerable version of Bamboo Server. Versions of Bamboo starting with 2.7.0 before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability. Bamboo no comprobó que el nombre de una rama en un repositorio de Mercurial contenía parámetros de argumento. Un atacante que tiene permiso para crear un repositorio en Bamboo, editar un plan existente que tenga un repositorio de Mercurial no enlazado, crear o editar un plan en el que haya al menos un repositorio de Mercurial enlazado para el que el atacante tenga permiso de utilización, o commit con ID en un repositorio de Mercurial empleado por un plan Bamboo con la detección de ramas habilitada puede ejecutar el código que elija en sistemas que ejecuten una versión vulnerable de Bamboo Server. • http://www.securityfocus.com/bid/102193 https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2017-12-13-939939816.html https://jira.atlassian.com/browse/BAM-18843 •