Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

Submission + - JBoss security incident (jboss.org)

jbatista writes: The JBoss community announced on April 19th that their free Atlassian JIRA instance was targeted by a supposedly previously unknown XSS attack, "which allowed administrative access to the JIRA instance on April 11th, 2010, and subsequently user credentials from a backend database, containing passwords hashed without a random salt." Further details are provided in their announcement. In the meantime, jboss.org account owners (forums, etc.) should be receiving PGP-signed emails providing two links, one for the announcement (the first one leads to an inexistent page, so see the link above) and one for the lost password page in order to change their account password.

Slashdot Top Deals

panic: can't find /

Working...