Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2007/03/21 4:40 a.m.19 views

Deleting a custom field which has an issue security scheme or permission scheme on it causes system error

A custom field with an issue security scheme based on it is deleted. A subsequent search on a issue under this security scheme causes a system error...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/02/18 10:28 p.m.19 views

Deleting user does not remove the user from a permission scheme

If a single user is added to a permission in a permission scheme, deleting this user will not remove him/her from the permission scheme. This results in stack traces in the logs such as: noformat 2007-02-14 14:10:57,882 WARN atlassian.jira.scheme.AbstractSchemeManager 'fred' is not a valid user...

1.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/01/10 3:32 a.m.19 views

XSS bug: usernames not HTML-encoded in all places

When signing up for an account, it is possible to enter a username like "fred". Confluence will accept this, and on certain pages, render it as raw HTML to the user, opening the possibility of cross-site scripting XSS attacks. Two places I've spotted the raw HTML so far: - Most prominently, when ...

5.9AI score
Exploits0
Atlassian
Atlassian
added 2006/07/28 6:59 a.m.19 views

IP restrictions on admin rights

A security conscience evaluator has requested the option to restrict administration access to a range of / a specific IP address/es...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2006/04/15 10:2 a.m.19 views

Change a user's password remotely

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-9921. panel I would like to be able to change a user's password remotely. Suggested API and implementation as follows: codevoid...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2006/04/15 10:2 a.m.19 views

Change a user's password remotely

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-9921. panel I would like to be able to change a user's password remotely. Suggested API and implementation as follows: codevoid...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2005/11/03 3:17 a.m.19 views

Project admin is presented with an option to select a Screen Scheme

The option of changing the scheme should only be given to the global admins...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2005/11/03 3:17 a.m.19 views

Project admin is presented with an option to select a Screen Scheme

The option of changing the scheme should only be given to the global admins...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2004/09/17 9:37 a.m.19 views

MoveIssue does not keep the security issue level after the move.

MoveIssue does not keep the security issue level after the move...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2004/04/01 11:52 a.m.19 views

Character not allowed in user name

A user has sign up with the user name "m&m". The i tried to modify this user. Because the username is passed as url parameter FooServlet?name=m&m : GET or POST method the servlet container cut the name and try to retreive the username named "m" !!! The only way is to use a database client, change...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2004/02/14 4:19 a.m.19 views

Applet certificate is not trusted.

You need to get a proper certificate for the applet - or else there will be some disquiet amongst some corporate users - and their IT Security overlords...

2AI score
Exploits0
Atlassian
Atlassian
added 2002/08/26 1:28 a.m.19 views

Have JIRA delete cookie when user authentication fails

I would like to suggest that if JIRA loads the user details id and password from a cookie and attempts to authenticate and fails then JIRA should delete the cookie. The logic behind this is: We are using LDAP for authentication to Novell's NDS and if a user gets JIRA to remember their id and...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2002/04/09 2:39 p.m.19 views

Asked to re-authenticate to delete issue

/jira/secure/DeleteIssue!default.jspa?id=10012 everything seems to work ok, but I try to delete previously existing issue and I get redirected to the URL above. instead of a delete issue page, I get a login page, only it looks messed up - it's the login form table miniwindow except spread 100%...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2026/04/08 10:29 p.m.18 views

MITM (Man-in-the-Middle) xmlhttprequest Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity MITM Man-in-the-Middle vulnerability was introduced in versions 11.1.0, 11.2.0, and 11.3.0 of Jira Service...

9.4CVSS7.2AI score0.02056EPSS
Exploits1
Atlassian
Atlassian
added 2026/03/06 5:28 a.m.18 views

File Inclusion node-tar Dependency in Jira Service Management Data Center

This High severity File Inclusion vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.1 of Jira Service Management Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.2...

8.2CVSS6AI score0.00541EPSS
Exploits1
Atlassian
Atlassian
added 2026/02/11 6:28 p.m.18 views

DoS (Denial of Service) ua-parser-js Dependency in Jira Service Management Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-25927 was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, and 11.0.0 of Jira Service Management Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Sco...

7.5CVSS7.3AI score0.01725EPSS
Exploits2
Atlassian
Atlassian
added 2026/02/11 6:28 p.m.18 views

DoS (Denial of Service) semver Dependency in Jira Software Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-25883 was introduced in versions 11.3.0 and 11.3.1 of Jira Software Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

7.5CVSS7AI score0.02761EPSS
Exploits1
Atlassian
Atlassian
added 2026/02/11 4:29 p.m.18 views

DoS (Denial of Service) in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2020-28469 was introduced in versions 6.0.0, 6.1.5, 6.2.4, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.5AI score0.04456EPSS
Exploits1
Atlassian
Atlassian
added 2026/02/11 4:29 p.m.18 views

DoS (Denial of Service) in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-25927 was introduced in versions 5.3.1, 6.0.0, 6.1.0, 6.2.0, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.5AI score0.01725EPSS
Exploits2
Atlassian
Atlassian
added 2026/02/05 9:27 p.m.18 views

DOM-based XSS com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer Dependency in Bamboo Data Center and Server

This High severity DOM-based XSS vulnerability known as CVE-2025-66021 was introduced in versions 10.2.9, 11.0.7, 12.0.1, and 12.1.0 of Bamboo Data Center and Server. This DOM-based XSS vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of...

8.6CVSS6.1AI score0.00226EPSS
Exploits1
Atlassian
Atlassian
added 2026/01/16 6:45 a.m.18 views

DoS (Denial of Service) cross-spawn Dependency in Jira Service Management Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in versions 10.3.0 of Jira Service Management Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.7 and a CVSS Vector of code:java...

8.7CVSS8.3AI score0.00873EPSS
Exploits0
Atlassian
Atlassian
added 2026/01/09 6:27 p.m.18 views

Race Condition at org.glassfish.jersey.core:jersey-client in Bamboo Data Center

This is a vulnerability in a non-Atlassian Bamboo dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Race Condition vulnerability was introduced in versions 9.6.0, 10.0, 10.1 and 10.2.0 of Bamboo Data Center and Server. This...

9.4CVSS5.4AI score0.00277EPSS
Exploits0
Atlassian
Atlassian
added 2026/01/09 4:27 p.m.18 views

XSS (Cross Site Scripting) dompurify Dependency in Jira Software Data Center and Server

This High severity XSS Cross Site Scripting vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, and 11.1.0 of Jira Software Data Center and Server. This XSS Cross Site Scripting vulnerability, with a CVSS Score o...

7.3CVSS6.6AI score0.00844EPSS
Exploits0
Atlassian
Atlassian
added 2026/01/08 10:27 p.m.18 views

Injection cipher-base Dependency in Jira Software Data Center and Server

This High severity Injection vulnerability was introduced in versions 10.3.0, 11.0.0, 11.1.0, and 11.2.0 of Jira Software Data Center and Server. This Injection vulnerability, with a CVSS Score of 9.1 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:Hcode allows an...

9.1CVSS7.4AI score0.0047EPSS
Exploits1
Atlassian
Atlassian
added 2026/01/02 7:27 a.m.18 views

DoS (Denial of Service) qs Dependency in Jira Service Management Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 10.3.14 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 8.7 and a CVSS Vector of...

6.3CVSS5.5AI score0.0041EPSS
Exploits1
Atlassian
Atlassian
added 2025/12/19 7:27 p.m.18 views

DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 7.1.2 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...

7.5CVSS5.4AI score0.01456EPSS
Exploits0
Atlassian
Atlassian
added 2025/12/12 7:28 a.m.18 views

DoS (Denial of Service) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.6, allows an attacker to perform actions to degrade service, which has no impact to confidentiality, no...

8.6CVSS8.1AI score0.01702EPSS
Exploits0
Atlassian
Atlassian
added 2025/12/12 7:28 a.m.18 views

Injection in Crowd Data Center and Server

This is a vulnerability in a non-Atlassian Crowd dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability known as CVE-2025-9288 was introduced in versions 2.2.6, 2.4.11, 6.2.4, 6.3.0, and 7.1.0 of Crowd Da...

9.1CVSS5.6AI score0.00651EPSS
Exploits2
Atlassian
Atlassian
added 2025/12/12 7:28 a.m.18 views

MITM (Man-in-the-Middle) org.postgresql:postgresql Dependency in Confluence Data Center and Server

This High severity MITM Man-in-the-Middle vulnerability was introduced in versions 9.2.8 of Confluence Data Center and Server. This MITM Man-in-the-Middle vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N allows an unauthenticated attacker t...

8.2CVSS7.3AI score0.00461EPSS
Exploits0
Atlassian
Atlassian
added 2025/12/10 2:37 a.m.18 views

XXE (XML External Entity Injection) Tika Dependency in Jira Service Management Data Center and Server

This Jira Service Management release includes updates to our Apache Tika dependency in response to CVE-2025-66516. Our security team has assessed that the current scope of this CVE does not present the same critical risk in our products, as our use of the dependency doesn’t support the known path...

9.8CVSS7AI score0.79807EPSS
Exploits5
Atlassian
Atlassian
added 2025/12/04 10:56 p.m.18 views

Prototype Pollution zrender Dependency in Jira Service Management Data Center and Server

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability known as CVE-2022-39227 was introduced in 10.3.0, and 11.0.0 of Jira...

9.1CVSS6.8AI score0.0366EPSS
Exploits2
Atlassian
Atlassian
added 2025/11/14 6:27 p.m.18 views

DoS (Denial of Service) org.codehaus.jettison:jettison Dependency Vulnerability in Jira Software Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-4569 was introduced in 9.12.1, 9.12.2, 9.12.3, 9.12.4, 9.12.5, 9.12.6, 9.12.7, 9.12.8, 9.12.9, 9.12.10, 9.12.11, 9.12.12, 9.12.13, 9.12.14, 9.12.15, 9.12.16, 9.12.17, 9.12.18, 9.12.19, 9.12.22, 9.12.23, 9.12.24, 9.12.25,...

7.8CVSS6.7AI score0.00195EPSS
Exploits0
Atlassian
Atlassian
added 2025/11/14 6:27 a.m.18 views

DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-45590

This High severity vulnerability known as CVE-2024-45590 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CV...

7.5CVSS6.8AI score0.00824EPSS
Exploits1
Atlassian
Atlassian
added 2025/11/14 6:27 a.m.18 views

Command Injection Third-Party Dependency in Bitbucket Data Center and Server - CVE-2021-23337

This High severity vulnerability known as CVE-2021-23337 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.2 and a CV...

7.2CVSS6.8AI score0.2241EPSS
Exploits2
Atlassian
Atlassian
added 2025/11/14 5:27 a.m.18 views

Prototype Pollution Third-Party Dependency in Confluence Data Center and Server - CVE-2022-46175

This High severity vulnerability known as CVE-2022-46175 was introduced in 7.19.0, 8.5.0, 8.6.0, 8.8.0, 8.7.1, 8.9.0, 9.1.0, 9.0.1, 9.2.0, 9.3.1 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.1 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H...

8.8CVSS8.1AI score0.09304EPSS
Exploits1
Atlassian
Atlassian
added 2025/11/14 5:27 a.m.18 views

DoS (Denial of Service) Third-Party Dependency in Confluence Data Center and Server - CVE-2022-38900

This High severity vulnerability known as CVE-2022-38900 was introduced in 7.19.0, 8.5.0, 8.6.0, 8.8.0, 8.7.1, 8.9.0, 9.1.0, 9.0.1, 9.2.0, 9.4.0, 9.5.1 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A...

7.5CVSS7AI score0.24928EPSS
Exploits1
Atlassian
Atlassian
added 2025/11/14 5:27 a.m.18 views

Improper Authorization Third-Party Dependency in Confluence Data Center and Server - CVE-2025-41248

This High severity vulnerability known as CVE-2025-41248 was introduced in 10.1.0 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Atlassian recommends that Confluence Data Center and Server custome...

7.5CVSS6.8AI score0.00433EPSS
Exploits0
Atlassian
Atlassian
added 2025/11/13 11:27 p.m.18 views

Improper Authorization Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-41248

This High severity vulnerability known as CVE-2025-41248 was introduced in 10.0.0 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Atlassian recommends that Bitbucket Data Center and Server customers...

7.5CVSS6.8AI score0.00433EPSS
Exploits0
Atlassian
Atlassian
added 2025/08/07 7:9 a.m.18 views

DoS (Denial of Service) Third-Party Dependency in Jira Software Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.3.0, 10.6.0, and 10.7.1 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allo...

7.5CVSS6.8AI score0.01898EPSS
Exploits0
Atlassian
Atlassian
added 2025/07/09 3:49 a.m.18 views

BASM (Broken Authentication and Session Management) org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.3.0 and 10.7.1 of Jira Service Management Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...

7.5CVSS7.3AI score0.03163EPSS
Exploits0
Atlassian
Atlassian
added 2025/07/08 5:10 a.m.18 views

Third-Party Dependency in Bamboo Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in version 9.6.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N allows an unauthenticated attacker to...

7.2CVSS7AI score0.00453EPSS
Exploits0
Atlassian
Atlassian
added 2025/07/08 5:9 a.m.18 views

RCE (Remote Code Execution) Third-Party Dependency in Bamboo Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.3.0, 9.4.0, 9.5.0, 9.6.0, 10.0.0, 10.1.0, 10.2.0, and 11.0.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...

8.8CVSS8.5AI score0.01548EPSS
Exploits1
Atlassian
Atlassian
added 2025/07/08 5:9 a.m.18 views

Third-Party Dependency in Bamboo Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 10.2.2 and 11.0.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N allows an unauthenticated...

8.2CVSS7.9AI score0.00461EPSS
Exploits0
Atlassian
Atlassian
added 2025/05/23 12:8 a.m.18 views

Path Traversal Third-Party Dependency in Crowd Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 5.1.0, 5.2.0, and 5.3.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticat...

7.5CVSS7.5AI score0.14718EPSS
Exploits1
Atlassian
Atlassian
added 2024/09/09 12:9 p.m.18 views

Risky Deserialization Calls - benryanconversion ( Office Connector Plugin)

The benryanconversion plugin contains a code path that eventually ends up with a partially user-controlled filename being treated as the input for a call to readObject see FileBackedCache.loadFile. To trigger this, an attacker would need to call the following, with a payload in the sheetName...

7.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2024/08/28 8:27 a.m.18 views

Accessing Confluence using PAT Token fails intermittently when multiple users access concurrently

h3. Issue Summary This issue is similar to the one reported in Jira side under JRASERVER-76340|https://jira.atlassian.com/browse/JRASERVER-76340 This is reproducible on Data Center: Yes h3. Steps to Reproduce Provision a new Confluence environment Create two new users: "usera" and "userb" For eac...

6.8AI score
Exploits0
Atlassian
Atlassian
added 2021/01/12 11:53 p.m.18 views

Html Macros should respect authenticated user based on allowlist API

Gadgets have moved to use whitelist.isAllowedURI, Userkey to give more controls to admins to whether allow anonymous users or not. More details on the whitelist API changes can be found here: https://asecurityteam.atlassian.net/browse/VULN-217900 We had to enable the old behaviour of...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2020/11/03 12:25 p.m.18 views

Removing the Groups from the Accounts>Groups page doesn't remove the references from the Project Permissions page

h3. Issue Summary Removing the Groups from the AccountsGroups page doesn't remove the references from the Project Permissions page and the Global permissions page h3. Steps to Reproduce Create a New group named "newtestgroup" Add a user to the Group Add the Group Access for "newtestgroup" under t...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2020/06/04 8:13 p.m.18 views

Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023

h3. Issue Summary Currently, Jira runs with jQuery version 2.2.4, which is susceptible to the following vulnerabilities: https://nvd.nist.gov/vuln/detail/CVE-2020-11023 https://nvd.nist.gov/vuln/detail/CVE-2020-11022 h3. Steps to Reproduce - h3. Expected Results We should update the version of...

6.9CVSS7.3AI score0.99019EPSS
Exploits11
Atlassian
Atlassian
added 2019/08/06 3:4 p.m.18 views

Bitbucket sends email notifications to unlicensed users for pushed commits in a repository

h3. Issue Summary An unlicensed user will continue to receive email notifications for pushed commits for repositories that the user was watching and receiving notifications when active. h3. Steps to Reproduce User1 enables email repository email notifications to be sent immediately User1 watches...

1.6AI score
Exploits0
Total number of security vulnerabilities4295