Details
-
Bug
-
Resolution: Fixed
-
Medium
-
4.5.3
-
None
-
Severity 2 - Major
-
Description
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability.
Attachments
Issue Links
- is related to
-
CRUC-8312 The administrative smart-commits resource was vulnerable to Cross-site request forgery (CSRF) - CVE-2018-13398
- Closed