Vulnerability in Atlassian Crucible
CVE-2021-43957
Affected versions of Atlassian Fisheye & Crucible allowed remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory and bypass the fix for CVE-2020-29446 due to a lack of…
EPSS: 0.002 (39.8th percentile)
Affected products
- Atlassian Crucible — versions unspecified
- Atlassian Fisheye — versions unspecified
References
- jira.atlassian.com/browse/FE-7388 (x_refsource_MISC)
- jira.atlassian.com/browse/CRUC-8524 (x_refsource_MISC)