Confluence Connector information disclosure fix handling of Space Permissions (MINDBREEZE29127)

ID: MINDBREEZE29127 
Affected Components: Mindbreeze InSpire G7, Mndbreeze InSpire SaaS 
Severity: Critical 
Status: Final 
First published: October 6, 2023 
CVEs: MINDBREEZE29127 

Summary

Fix a problem with Atlassian Confluence Connector if space permissions are used in a specific way to override global permissions which could lead to information disclosure in the search.

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:  

• Mindbreeze InSpire 23.6 HF1 Release 
• Mindbreeze InSpire SaaS 23.6 HF1 Release