-
Bug
-
Resolution: Fixed
-
Medium
-
4.5.3
-
None
-
Severity 2 - Major
-
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability.
- relates to
-
FE-7100 The administrative smart-commits resource was vulnerable to Cross-site request forgery (CSRF) - CVE-2018-13398
- Closed