Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Fisheye和Crucible 安全漏洞
Vulnerability Description
Atlassian Fisheye和Crucible都是澳大利亚Atlassian公司的产品。Atlassian Fisheye是一套源代码深度查看软件。Crucible是一套代码审查工具。 Atlassian Fisheye和Crucible 4.8.0之前版本中的/json/profile/removeStarAjax.do资源存在安全漏洞。远程攻击者可利用该漏洞移除用户设置。
CVSS Information
N/A
Vulnerability Type
N/A