6.1 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.5%
Affected versions of Atlassian Fisheye & Crucible allow remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory. The affected versions are before version 4.8.5.
jira.atlassian.com/browse/CRUC-8496
jira.atlassian.com/browse/FE-7326