Researcher releases PoC code for critical Atlassian Crowd RCE flaw

A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution providing single sign-on and user identity. Atlassian plugged the hole in late May, but administrators that failed to implement it should consider doing so now, as full-fledged exploits are likely to pop up soon.

Read full article on Help Net Security

 


Date:

Categorie(s):