It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their choice on systems that run a vulnerable version of Bamboo.
- All versions of Bamboo before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability.
- Bamboo version 6.2.5 is available to download from https://www.atlassian.com/software/bamboo/download.
- Bamboo version 6.1.6 is available to download from https://www.atlassian.com/software/bamboo/download-archives.
Atlassian would like to credit Sebastian Perez for reporting this issue to us.
For additional details see the full advisory.