Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Fixes issued, warns it 'has not exhaustively enumerated all potential consequences' What do you want The Register to do for you?
Atlassian has warned users of its Bamboo, Bitbucket, Confluence, Fisheye, Crucible, and Jira products that a pair of critical-rated flaws threaten their security. The company's July security advisories detail "Servlet Filter dispatcher vulnerabilities." One of the flaws – CVE-2022-26136 – is described as an arbitrary Servlet Filter bypass that means an attacker could send a specially crafted HTTP request to bypass custom Servlet Filters used by third-party apps to enforce authentication. The...