CVE-2017-18042

Summary

The update user administration resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify user data including passwords via a Cross-site request forgery (CSRF) vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianBambooprior to 6.3.1affected

Weaknesses

  • Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References