Unrated severityNVD Advisory· Published Mar 16, 2022· Updated Oct 4, 2024
CVE-2021-43957
CVE-2021-43957
Description
Affected versions of Atlassian Fisheye & Crucible allowed remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory and bypass the fix for CVE-2020-29446 due to a lack of url decoding. The affected versions are before version 4.8.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
2- jira.atlassian.com/browse/CRUC-8524mitrex_refsource_MISC
- jira.atlassian.com/browse/FE-7388mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.