Remote Code Execution in Atlassian Bitbucket Server due to Browser Editing Feature
CVE-2018-5225

9.9CRITICAL

Key Information:

Vendor: Atlassian
Status: Bitbucket Server
Vendor: CVE Published:; 22 March 2018

What is CVE-2018-5225?

A vulnerability in the browser editing feature of Atlassian Bitbucket Server allows authenticated users to execute remote code. This issue arises from improper handling of symbolic links within repositories. Affected versions include those prior to 5.4.8, 5.5.8, 5.6.5, 5.7.3, and 5.8.2, posing a significant security risk for users relying on this functionality.