Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Affected versions of Atlassian Fisheye & Crucible allowed remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory and bypass the fix for CVE-2020-29446 due to a lack of url decoding. The affected versions are before version 4.8.9.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Fisheye和Crucible 安全漏洞
Vulnerability Description
Atlassian Fisheye和Crucible都是澳大利亚Atlassian公司的产品。Atlassian Fisheye是一套源代码深度查看软件。Crucible是一套代码审查工具。 Atlassian Fisheye & Crucible 存在安全漏洞,该漏洞允许远程攻击者通过 WEB-INF 目录中的不安全直接对象引用 (IDOR) 漏洞浏览本地文件,并由于缺乏 url 解码绕过 CVE-2020-29446 的修复程序。
CVSS Information
N/A
Vulnerability Type
N/A