2 matches found
CVE-2017-14589
It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their...
CVE-2017-14589
CVE-2017-14589: Atlassian Bamboo is affected by a remote code execution issue caused by double OGNL evaluation in FreeMarker templates via Struts FreeMarker tags. Affected versions are Bamboo < 6.1.6 and 6.2.0 ≤ Bamboo