cbcvebase.
CVE-2020-4018
published 2020-06-01

CVE-2020-4018: The setup resources in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to complete the setup process via a cross-site request…

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
The setup resources in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to complete the setup process via a cross-site request forgery (CSRF) vulnerability.

Affected

4 ranges
VendorProductVersion rangeFixed in
atlassiancrucible< 4.8.14.8.1
atlassiancrucible>= unspecified < 4.8.14.8.1
atlassianfisheye< 4.8.14.8.1
atlassianfisheye>= unspecified < 4.8.14.8.1