2020-06-01 06:35:30
atlassian
PUBLISHED
The /profile/deleteWatch.do resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to remove another users watching settings for a repository via an improper authorization vulnerability.