Improper Authorization in Crowd through ATST Plugin - CVE-2019-15005
The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Crowd & Crowd Data Center before version 3.6.0, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization...