Host-Header injection possible with recent SAML SSO versions

Advisory Release Date



SAML Single Sign On (SSO) for JIRA

SAML Single Sign On (SSO) for Confluence

SAML Single Sign On (SSO) Bitbucket

SAML Single Sign On (SSO) for Bamboo

SAML Single Sign On (SSO) for Fisheye

Affected SAML SSO versions

2.0.8 - 3.3.2

Fixed SAML SSO versions

3.4.0 for Jira, Confluence and Bitbucket; 2.5.5 for Bamboo/Fisheye

CVSS Score: Base Score / Temporal Score5.3


This advisory discloses a medium severity security vulnerability affecting SAML Single Sign On Plugin since Version 2.0.8.

Please upgrade your Installations to fix this vulnerability. Please be aware that enabling Alternate AssertionConsumerServiceURL in SAML-Request could keep your system vulnerable.


The Atlassian APIs provide methods to detect the applications absolute base-URL (e.g. These methods rely on the request's host-header. Older versions of SAML Single Sign On use that information to generate several URLs, including the AssertionConsumerServiceURL in the SAML-requests. By overriding the Host-header, an attacker could potentially change these values to redirect users to a malicous server. Fixed versions are using relative URLs or the application's configured base URL when generating URLs. Please be aware that there is on excemption to this when enabling Alternate AssertionConsumerServiceURL in SAML-Request.

In a scenario of several hosted web apps or websites on the same ip address, the web server uses the host header to decide where to send the HTTP request to. If an attacker is able to modify the host header, the user is redirected to the host as specified by the attacker.

Fortunately, attack vectors are rather limited, altering the host header is not easy. Two attack vectors are

  • Web-cache poisoning (An attacker needs to modify a caching mechanism between your Atlassian product and the user. The cache then serves the malicious host and the victim is redirected to it.)
  • Password Reset Poisoning (An attacker sends a password reset email to the victim with a malicious host, thus the victim will be redirected to the attacker's side and needs to enter their password. In consequence, the attacker gains knowledge of the password).

Please see for further information.

What You Need to Do

In general, please update the SAML SSO plugins to the latest versions, especially for versions 2.0.8 to 2.5.0 and 3.0.0 to 3.1.5 of the SAML SSO plugin.

For versions 2.5.1 to 2.5.4 and 3.1.6 to 3.3.1, one important attack vector was closed, but please also considering updating the plugin.

If you cannot update the plugin, configure your reverse proxy to prevent cache poisoning with alternative host headers, e.g. by deactivating caching at all or by not using the Atlassian app as the default backend. Please note, that this does not close all attack vectors.

If you need help with either if these courses of action, please raise a support request via our Support Portal


If you have questions or concerns regarding this advisory, please raise a support request via our Support Portal.