Description
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability.
Affected products
- Atlassian / Fisheye and Crucibleunspecified – 4.5.4