A DoS vulnerability was identified in Categories for Bitbucket on 27 May 2021, affecting versions up to 1.5.1.

The vulnerability allows actors (including anonymous users) to create high CPU load on a Bitbucket Data Center node, making the affected system slow and eventually unusable.

The vulnerability has been rated as P2 (High) according to the scale published under Bugcrowd’s Vulnerability Rating Taxonomy (VRT).

Cross-site scripting vulnerabilities were identified in Categories for Bitbucket on 12 November 2020, affecting versions up to 1.5.0.

These security vulnerabilities could be exploited by users to inject JavaScript into the project and repository category definitions. The malicious code would then be executed when a user views the project and repository list.

The vulnerabilities have been rated as P2 (High) according to the scale published under Bugcrowd’s Vulnerability Rating Taxonomy (VRT).

If you are using Categories for Bitbucket in any version up to and including 1.5.1, please upgrade the app to version 1.6.0.