The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote malicious users to read files from the filesystem via a XXE vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian crowd |
||
atlassian crowd 3.1.0 |