Uploaded image for project: 'SR for Bitbucket - Development'
  1. SR for Bitbucket - Development
  2. SRBITB-816

ScriptRunner for Bitbucket Remote Code Execution Vulnerability

    XMLWordPrintableJSON

    Details

    • Sprint:
      DevTools 82
    • Critical Points:
      0

      Description

      The vulnerability allows a malicious authenticated user to run arbitrary code inside the instance without administrative permissions.

      This security vulnerability has been fixed in ScriptRunner for Bitbucket 6.5.1 / 6.5.1-p5; it is recommended all customers upgrade to 6.5.1+ where possible.

        Attachments

          Activity

            People

            Assignee:
            rlander Reece Lander
            Reporter:
            rgiddings Robert Giddings
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: