It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their choice on systems that run a vulnerable version of Bamboo.

Affected versions:

• All versions of Bamboo before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability.

Fix:

• Bamboo version 6.2.5 is available to download from https://www.atlassian.com/software/bamboo/download.
• Bamboo version 6.1.6 is available to download from https://www.atlassian.com/software/bamboo/download-archives.

Acknowledgements
Atlassian would like to credit Sebastian Perez for reporting this issue to us.

For additional details see the full advisory.