Vulnerability in Atlassian Bitbucket Server
CVE-2017-18038
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.
EPSS: 0.002 (45.4th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Bitbucket Server — versions prior to 5.6.0
References
- jira.atlassian.com/browse/BSERV-10592 (x_refsource_CONFIRM)