The /json/fe/activeUserFinder.do resource in Altassian Fisheye and Crucible before version 4.8.1 allows remote attackers to view user user email addresses via a information disclosure vulnerability.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Atlassian

Crucible

Affected Versions:

unspecified

Atlassian

Fisheye

Affected Versions:

unspecified

References

https://jira.atlassian.com/browse/FE-7284

https://jira.atlassian.com/browse/CRUC-8468

Published: 2020-06-01T06:35:31.031124Z

Last Modified: 2024-09-16T18:09:13.525Z

Copied to clipboard!