Uploaded image for project: 'FishEye'
  1. FishEye
  2. FE-6892

mostActiveCommitters.do lacks permission checks - CVE-2017-9512

XMLWordPrintable

      The mostActiveCommitters.do resource in Atlassian FishEye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sensitive information, for example email addresses of committers, as it lacked permission checks.

            Unassigned Unassigned
            pswiecicki Piotr Swiecicki
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: