Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 prior to 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 prior to 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 prior to 5.6.3 (the fixed version for 5.6.x), from version 5.7.0 prior to 5.7.1 (the fixed version for 5.7.x) and prior to 5.8.0 allow remote malicious users to conduct clickjacking attacks via framing various resources that lacked clickjacking protection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian bitbucket |