Uploaded image for project: 'FishEye'
  1. FishEye
  2. FE-7287

CSRF in the setup resources - CVE-2020-4018

XMLWordPrintable

      The setup resources in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to complete the setup process via a cross-site request forgery (CSRF) vulnerability.

            [FE-7287] CSRF in the setup resources - CVE-2020-4018

            Marek Parfianowicz made changes -
            Labels Original: advisory advisory-released bugbounty csrf cve-2020-4018 cvss-medium release-48x release-490 security New: advisory advisory-released bugbounty csrf cve-2020-4018 cvss-medium release-48x security
            Marek Parfianowicz made changes -
            Labels Original: advisory advisory-released bugbounty csrf cve-2020-4018 cvss-medium release-490 security New: advisory advisory-released bugbounty csrf cve-2020-4018 cvss-medium release-48x release-490 security
            Marek Parfianowicz made changes -
            Labels Original: advisory advisory-released bugbounty csrf cve-2020-4018 cvss-medium security New: advisory advisory-released bugbounty csrf cve-2020-4018 cvss-medium release-490 security
            Erin Jensby made changes -
            Labels Original: advisory advisory-to-release bugbounty csrf cve-2020-4018 cvss-medium security New: advisory advisory-released bugbounty csrf cve-2020-4018 cvss-medium security
            David Black made changes -
            Link Original: This issue relates to CRUC-8471 [ CRUC-8471 ]
            David Black made changes -
            Link New: This issue relates to CRUC-8471 [ CRUC-8471 ]
            David Black made changes -
            Due Date Original: 16/Jul/2020
            David Black made changes -
            Labels Original: advisory advisory-to-release breaches-security-sla bugbounty csrf cve-2020-4018 cvss-medium security New: advisory advisory-to-release bugbounty csrf cve-2020-4018 cvss-medium security
            David Black made changes -
            Resolution New: Fixed [ 1 ]
            Status Original: Closed [ 6 ] New: Closed [ 6 ]
            Security Metrics Bot made changes -
            Due Date New: 16/Jul/2020

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Affected customers:
              0 This affects my team
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: