The mostActiveCommitters.do resource in Atlassian FishEye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sensitive information, for example email addresses of committers, as it lacked permission checks.
원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9512
원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9512
댓글 0
| 번호 | 제목 | 글쓴이 | 날짜 | 조회 수 |
|---|---|---|---|---|
| 257 | CVE-2017-0011 | 관리자 | 2017.03.18 | 10 |
| 256 | CVE-2017-0009 | 관리자 | 2017.03.18 | 10 |
| 255 | CVE-2017-0005 | 관리자 | 2017.03.18 | 10 |
| 254 | CVE-2017-6573 (mail-masta) | 관리자 | 2017.03.10 | 10 |
| 253 | CVE-2017-6548 | 관리자 | 2017.03.10 | 10 |
| 252 | CVE-2017-6562 | 관리자 | 2017.03.10 | 10 |
| 251 | CVE-2017-6552 | 관리자 | 2017.03.10 | 10 |
| 250 | CVE-2018-5761 | 관리자 | 2018.01.25 | 9 |
| 249 | CVE-2017-18045 | 관리자 | 2018.01.25 | 9 |
| 248 | CVE-2017-15713 | 관리자 | 2018.01.25 | 9 |
| 247 | CVE-2017-7327 | 관리자 | 2018.01.25 | 9 |
| 246 | CVE-2017-6142 | 관리자 | 2018.01.25 | 9 |
| 245 | CVE-2018-5785 | 관리자 | 2018.01.25 | 9 |
| 244 | CVE-2016-0872 | 관리자 | 2017.11.09 | 9 |
| 243 | CVE-2017-2914 | 관리자 | 2017.11.09 | 9 |