Description
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing attackers to execute arbitrary code on a system running the impacted software.
Affected products
- Atlassian / Fisheye and CrucibleVersions less than 4.4.3 OR version 4.5.0 – Versions less than 4.4.3 OR version 4.5.0