cvedb.io
CVE-2017-9512
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-08-24T17:29:00.383 · Last modified 2026-06-17T01:28:16.483

Summary

The mostActiveCommitters.do resource in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sensitive information, for example email addresses of committers, as it lacked permission checks.

Affected products

atlassian — crucible

Does this affect you?

Add your gear to cvedb and we'll alert you only when atlassian ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.