Feeds

back to article Atlassian plugs XML parsing vulnerability

Cloud provider Atlassian has moved to patch what a security researcher describes as a backdoor in its enterprise single sign-on Crowd service. However, the company is disputing Command Five's assertion that a second, as-yet-unpatched vulnerability remains. Command Five's advisory states that XML DTD (document type definition) …

COMMENTS

This topic is closed for new posts.
Silver badge

The first time through I read that as "Alsatian", and thought, wow, most people are happy enough to get their dogs to fetch...

0
0
Anonymous Coward

Atlassian plugging the backdoor

I'd prefer to hear about Atlassian plugging the backdoor.

Any word on why they didn't fix this vulnerability a year ago when it was first reported to them?

0
0
This topic is closed for new posts.