CVE-2020-4015

Summary

The /json/fe/activeUserFinder.do resource in Altassian Fisheye and Crucible before version 4.8.1 allows remote attackers to view user user email addresses via a information disclosure vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianCrucibleunspecified < 4.8.1affected
AtlassianFisheyeunspecified < 4.8.1affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References