Atlassian Crowd 5.0.x < 5.0.3 Misconfiguration
Discription
According to its self-reported version number, the Atlassian Crowd application running on the remote host is affected by a misconfiguration vulnerability. This vulnerability allows an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd’s REST API.
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More
References
Back to Main