Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 6.9.0, 6.8.2
Affects Version/s: 6.0.5
Component/s: AppLinks
Labels:

Symptom Severity:
Severity 1 - Critical
Bug Fix Policy:
View Atlassian Server bug fix policy

The version of the Application Links plugin used in Bamboo before version 6.8.2 allows remote attackers to obtain information about configured application links via a missing permissions check. See https://ecosystem.atlassian.net/browse/APL-1386 for more details.

is related to

CWD-5510 Information disclosure in the listEntityLinks servlet resource - CVE-2019-15011

Closed

APL-1386 Loading...

relates to

JRASERVER-70409 Information disclosure in the listEntityLinks servlet resource of the Application links plugin - CVE-2019-15011

Closed

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 17/Dec/2019 4:10 AM

Updated:: 03/Jun/2023 6:16 AM

Resolved:: 17/Dec/2019 4:11 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates