Security Advisory

CVE-2017-18107

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-12-17 03:45:13

Last updated 2024-09-16 20:06:27

Assigner atlassian

State PUBLISHED

Description

Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery (CSRF) vulnerability. Please be aware that the Demo application is not enabled by default.

← Browse all CVEs View on cve.org ↗