Affected versions of Atlassian Fisheye & Crucible allow remote malicious users to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory. The affected versions are before version 4.8.5.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian crucible |
||
atlassian fisheye |