Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-5070

The administration backup restore resource was vulnerable to XXE - CVE-2017-18110

    XMLWordPrintable

Details

    Description

      The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability.

      Attachments

        Activity

          People

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: