Atlassian Crowd : Security vulnerabilities, CVEs published in 2021

CVE-2020-36240

The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1.0 before 4.1.2 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.

Max CVSS

5.3

EPSS Score

0.19%

Published

2021-03-01

Updated

2021-07-21

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Atlassian » Crowd : Security Vulnerabilities, CVEs, Published In 2021

CVE-2020-36240