A vulnerability, which was classified as critical, has been found in JetBrains YouTrack Plugin up to 1.8.1.2 on Confluence (Atlassian Confluence Plugin). This issue affects some unknown functionality of the component Template Handler. The manipulation of the argument link-text-template with an unknown input leads to a injection vulnerability. Using CWE to declare the problem leads to CWE-74. The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

In JetBrains YouTrack Confluence plugin versions before 1.8.1.3, it was possible to achieve Server Side Template Injection. The attacker could add an Issue macro to the page in Confluence, and use a combination of a valid id field and specially crafted code in the link-text-template field to execute code remotely.

The weakness was shared 07/03/2019. The identification of this vulnerability is CVE-2019-10100 since 03/26/2019. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1055 according to MITRE ATT&CK.

Upgrading to version 1.8.1.3 eliminates this vulnerability.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Type

• Atlassian Confluence Plugin

Vendor

• JetBrains

Name

• YouTrack Plugin

Version

• 1.8.1.0
• 1.8.1.1
• 1.8.1.2

License

• free

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion