CVE-2017-18038

Summary

The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.

Affected Software

VendorProductVersion RangeStatus
AtlassianBitbucket Serverprior to 5.6.0affected

Weaknesses

  • Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References