-
Bug
-
Resolution: Fixed
-
Medium
-
4.5.3
-
None
-
Severity 2 - Major
-
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability.
- is related to
-
CRUC-8312 The administrative smart-commits resource was vulnerable to Cross-site request forgery (CSRF) - CVE-2018-13398
- Closed