Cloud provider Atlassian has moved to patch what a security researcher describes as a backdoor in its enterprise single sign-on Crowd service. However, the company is disputing Command Five's assertion that a second, as-yet-unpatched vulnerability remains. Command Five's advisory states that XML DTD (document type definition) …
The first time through I read that as "Alsatian", and thought, wow, most people are happy enough to get their dogs to fetch...
Atlassian plugging the backdoor
I'd prefer to hear about Atlassian plugging the backdoor.
Any word on why they didn't fix this vulnerability a year ago when it was first reported to them?
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland
- Every billionaire needs a PANZER TANK, right? STOP THERE, Paul Allen
- Breaking Fad 4K-ing excellent TV is on its way ... in its own sweet time, natch