CVE-2020-14170: Bitbucket vulnerability

Share this with people that should know this:

Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.

References

  • jira.atlassian.com/browse/BSERV-12433
  • jira.atlassian.com/browse/BSERV-12433
  • Share this with people that should know this: