Vulnerability CVE-2020-29446
Published: 2021-01-18

Description:
Affected versions of Atlassian Fisheye & Crucible allow remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory. The affected versions are before version 4.8.5.

 References:
https://jira.atlassian.com/browse/CRUC-8496
https://jira.atlassian.com/browse/FE-7326
Copyright 2026, cxsecurity.com

 

Back to Top