Details
-
Bug
-
Status: Done
-
High
-
Resolution: Fixed
-
5.4.29, 6.5.0, 6.5.0-p5
-
None
-
DevTools 82
-
0
Description
The vulnerability allows a malicious authenticated user to run arbitrary code inside the instance without administrative permissions.
This security vulnerability has been fixed in ScriptRunner for Bitbucket 6.5.1 / 6.5.1-p5; it is recommended all customers upgrade to 6.5.1+ where possible.