One-click account takeover vulnerabilities in Atlassian domains patched
Check Point Research released a report on a series of since-patched vulnerabilities in Atlassian's online domains, which are used by thousands of enterprise customers worldwide. The vendor, based in Australia, provides tools such as Confluence, a document collaboration platform, and Jira, a project management system. Subdomains under atlassian.com, including partners, developer, support, confluence, jira and training, were vulnerable to account takeover because of these bugs.
Check Point explained that the exploit chain needed only one click: the victim opens a malicious link, a payload is then sent on the victim's behalf, and the attacker ends up holding the user's session. The researchers attribute the flaws to cross-site scripting (XSS) and cross-site request forgery (CSRF) weaknesses in the affected subdomains, which also let an attacker take over the session established between the user's browser and the web server once the user signed in. The possible outcomes include account hijacking, data theft and access to the victim's Jira tickets.
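The class of flaw described above, XSS or CSRF that ends in a stolen session, is usually blunted by how the session cookie is issued. The following is an added example written for this page; it is not code from the Check Point report or from Atlassian, and it makes no claim about how Atlassian's cookies were actually configured. The cookie name, values and domain are constructed for illustration. It parses a Set-Cookie header, audits it for the attributes that matter here, and simulates what a cookie-stealing payload sees with and without HttpOnly.

```javascript
// Added example (not from the Check Point report or Atlassian): the Set-Cookie
// attributes that narrow the one-click session-theft chain, plus an audit
// function that flags a session cookie missing them.
//
//   HttpOnly  - document.cookie cannot read the session ID, so an XSS payload
//               cannot simply exfiltrate it.
//   SameSite  - the browser withholds the cookie on cross-site requests
//               (Lax blocks cross-site POSTs; Strict also blocks top-level
//               navigations such as a clicked link), which is what CSRF needs.
//   Secure    - the cookie is never sent over plaintext HTTP.
//   Domain    - a cookie scoped to a parent domain is sent to every subdomain,
//               so an XSS on any one subdomain can reach it (general caveat,
//               not a statement about the Atlassian bugs).
//
// The cookie name "session", the value and the domain are constructed inputs.
const WEAK_SET_COOKIE = "session=abc123; Path=/; Domain=example.com";
const HARDENED_SET_COOKIE =
  "session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax";

// Parse one Set-Cookie header value into { name, value, attrs }, where attrs
// maps lower-cased attribute names to their (possibly empty) values.
function parseSetCookie(header) {
  const parts = header.split(";").map((p) => p.trim()).filter(Boolean);
  const [nameValue, ...rest] = parts;
  const eq = nameValue.indexOf("=");
  const name = eq === -1 ? nameValue : nameValue.slice(0, eq);
  const value = eq === -1 ? "" : nameValue.slice(eq + 1);
  const attrs = {};
  for (const attr of rest) {
    const i = attr.indexOf("=");
    const k = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
    attrs[k] = i === -1 ? "" : attr.slice(i + 1);
  }
  return { name, value, attrs };
}

// Return a list of findings for a session cookie; an empty list means the
// cookie carries HttpOnly, SameSite=Lax/Strict and Secure and is not widened
// to a parent domain.
function auditSessionCookie(header) {
  const { attrs } = parseSetCookie(header);
  const findings = [];
  if (!("httponly" in attrs)) {
    findings.push("missing HttpOnly: page script can read the session ID");
  }
  const sameSite = (attrs["samesite"] || "").toLowerCase();
  if (sameSite !== "lax" && sameSite !== "strict") {
    findings.push("missing SameSite=Lax/Strict: cookie rides on cross-site requests");
  }
  if (!("secure" in attrs)) {
    findings.push("missing Secure: cookie can be sent over plaintext HTTP");
  }
  if ("domain" in attrs) {
    findings.push(`Domain=${attrs["domain"]}: cookie is shared with every subdomain`);
  }
  return findings;
}

// What an injected script sees: without HttpOnly the session ID is readable
// from document.cookie and can be shipped off-site (a real payload would load
// an image from an attacker host with the cookie in the query string).
// Simulated with a fake document.cookie so the example runs outside a browser.
function simulateCookieTheft(setCookieHeader) {
  const { name, value, attrs } = parseSetCookie(setCookieHeader);
  return "httponly" in attrs ? "" : `${name}=${value}`;
}

console.log("weak cookie findings:", auditSessionCookie(WEAK_SET_COOKIE));
console.log("hardened cookie findings:", auditSessionCookie(HARDENED_SET_COOKIE));
console.log("XSS payload reads (weak):", JSON.stringify(simulateCookieTheft(WEAK_SET_COOKIE)));
console.log("XSS payload reads (hardened):", JSON.stringify(simulateCookieTheft(HARDENED_SET_COOKIE)));
```

The audit is deliberately strict about SameSite: `SameSite=None` is treated as missing, because it restores the cross-site behaviour that CSRF depends on. HttpOnly stops the simple cookie-read payload but not an XSS that simply issues requests from inside the page, so the check is a floor, not a complete defence.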