-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Medium
-
Resolution: Fixed
-
Affects Version/s: None
-
Component/s: None
-
Symptom Severity:Severity 2 - Major
-
Bug Fix Policy:
The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability.