writeups.xyz / Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804)

Submitter : c2a

Date: 14 September 2022

Bounty : undisclosed

Vulnerabilities :

• RCE
• OS Command Injection

Programs :

• Atlassian

Authors :

• Maxwell Garrett (@TheGrandPew)

Link :
https://blog.assetnote.io/2022/09/14/rce-in-bitbucket-server/