CVE-2017-8907HIGHCVSS 8.8v5.0.0 <= version < 5.15.7ยทv6.0.0 <= version < 6.0.12017-06-14
CVE-2017-8907 [HIGH] CWE-863 CVE-2017-8907: Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a
Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this vulnerability, provided there is an existing plan with a g
cvelistv5nvd