-
Bug
-
Resolution: Fixed
-
Low
-
None
-
None
-
Severity 3 - Minor
-
The mostActiveCommitters.do resource in Atlassian FishEye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sensitive information, for example email addresses of committers, as it lacked permission checks.
- is cloned from
-
FE-6892 mostActiveCommitters.do lacks permission checks - CVE-2017-9512
- Closed