August 2nd, 2024

Auditing Atlassian Plugins, 53 0-Days Later

The blog post reveals 53 zero-day vulnerabilities in Atlassian plugins, emphasizing the need for regular audits and caution due to potential security risks like XSS, session hijacking, and unauthorized actions.


The blog post discusses the auditing of Atlassian plugins, revealing the discovery of 53 zero-day vulnerabilities. It begins by examining the Atlassian marketplace, where plugins are listed under certain security requirements, although the review process lacks transparency regarding the frequency and nature of security checks. The post details the structure of plugins, particularly focusing on the atlassian-plugin.xml file, which describes the plugin's functionality. A specific example of a macro is provided, illustrating how user-controlled input can lead to cross-site scripting (XSS) vulnerabilities due to inadequate input validation and output sanitization.
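The macro pattern the post describes, as an added example that is not code from the post or from any audited plugin: a hypothetical Confluence macro that renders a user-supplied parameter and body, shown once with the values concatenated raw into the markup and once with them HTML-encoded first. The class, module and parameter names are invented, and `GeneralUtil.htmlEncode` is assumed to encode the characters significant in a double-quoted attribute.

```java
import java.util.Map;

import com.atlassian.confluence.content.render.xhtml.ConversionContext;
import com.atlassian.confluence.macro.Macro;
import com.atlassian.confluence.macro.MacroExecutionException;
import com.atlassian.confluence.util.GeneralUtil;

/**
 * Hypothetical "callout" macro, declared in atlassian-plugin.xml roughly as
 *   <xhtml-macro name="callout" class="example.CalloutMacro" key="callout">
 *     <parameters><parameter name="title" type="string"/></parameters>
 *   </xhtml-macro>
 * Every page editor controls "title" and the body, so both are untrusted input
 * that is later rendered for every viewer of the page.
 */
public class CalloutMacro implements Macro {

    // Vulnerable shape: the parameter and body are concatenated untouched, so a
    // title that closes the attribute and opens a <script> tag becomes live
    // markup in the stored page (stored XSS, the issue the post audits for).
    public String executeUnsafe(Map<String, String> parameters, String body) {
        String title = parameters.getOrDefault("title", "");
        return "<div class=\"callout\" title=\"" + title + "\">" + body + "</div>";
    }

    // Hardened shape: encode for the HTML context before concatenating. With
    // BodyType.PLAIN_TEXT the body arrives as raw text and must be encoded too;
    // a RICH_TEXT body would instead arrive already converted by Confluence.
    @Override
    public String execute(Map<String, String> parameters, String body,
                          ConversionContext context) throws MacroExecutionException {
        String title = GeneralUtil.htmlEncode(parameters.getOrDefault("title", ""));
        String safeBody = GeneralUtil.htmlEncode(body == null ? "" : body);
        return "<div class=\"callout\" title=\"" + title + "\">" + safeBody + "</div>";
    }

    @Override
    public BodyType getBodyType() { return BodyType.PLAIN_TEXT; }

    @Override
    public OutputType getOutputType() { return OutputType.BLOCK; }
}
```

When reviewing a decompiled plugin, the `executeUnsafe` shape (parameter or body reaching the returned string without an encoder call) is the pattern to look for in each module listed in atlassian-plugin.xml.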

The authors highlight the potential impact of XSS vulnerabilities, including session hijacking and unauthorized actions performed on behalf of victims. They outline their methodology for identifying vulnerabilities, which includes downloading, decompiling, and analyzing plugins, followed by dynamic testing. To streamline this process, they developed a tool named "atlpie" to automate tasks such as scraping plugins and extracting information.

The ongoing research has led to the identification of multiple vulnerabilities across various plugins, with a commitment to responsibly disclose these issues to Atlassian. The authors conclude by advising caution in using plugins, emphasizing the need for regular audits and awareness of the additional security risks they introduce. The post serves as a reminder that reliance on vendor assurances regarding plugin security may not be sufficient.
