Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing malicious users to execute arbitrary code on a system running the impacted software.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian fisheye |
||
atlassian crucible 4.5.0 |
||
atlassian crucible |
||
atlassian fisheye 4.5.0 |