Cross-Site Request Forgery Vulnerability in Atlassian Bamboo
CVE-2017-18042
8.8HIGH
Summary
A vulnerability exists in Atlassian Bamboo prior to version 6.3.1, enabling remote attackers to exploit Cross-Site Request Forgery (CSRF) to alter user data, including sensitive information such as passwords. This flaw potentially exposes user accounts to unauthorized access and manipulation, emphasizing the need for proper input validation and security measures to protect against CSRF attacks.
Affected Version(s)
Bamboo prior to 6.3.1
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved