Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed remote attackers, who have 'can add repository permission', to enumerate the existence of internal network and filesystem resources via a Server-Side Request Forgery (SSRF) vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Fisheye和Crucible 代码问题漏洞
Vulnerability Description
Atlassian Fisheye和Crucible都是澳大利亚Atlassian公司的产品。Atlassian Fisheye是一套源代码深度查看软件。Crucible是一套代码审查工具。 Atlassian Fisheye和Crucible 4.8.9 之前的 DefaultRepositoryAdminService 类存在安全漏洞,该漏洞允许具有“可以添加存储库权限”的远程攻击者通过服务器端请求伪造 (SSRF) 漏洞枚举内部网络和文件系统资源的存在。
CVSS Information
N/A
Vulnerability Type
N/A