2 matches found
CVE-2017-18087
The CVE-2017-18087 entry concerns Atlassian Bitbucket Server. The download commit resource vulnerability in Bitbucket Server affects 5.1.0–5.1.7, 5.2.0–5.2.5, 5.3.0–5.3.3, and 5.4.0–5.4.1. An argument injection in the at parameter can be exploited by remote attackers to write files to disk and po...
Argument injection in the download commit resource through the at parameter - CVE-2017-18087
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them...