CVE-2017-18095
CVE-2017-18095 affects Atlassian Crucible prior to 4.5.1 and prior to 4.6.0. The vulnerability is an improper authorization that allows remote attackers to comment on snippets they should not access. A fix exists in the 4.5.x series (4.5.1+) and in 4.6.0+. Organizations using Crucible should upgr...