Atlassian Bitbucket Server cve-2019-3397 directory traversal vulnerability

Summary

Atlassian Bitbucket Server cve-2019-3397 has a directory traversal vulnerability. This product application has the function of manipulating files, and the loose restrictions will lead to unexpected files that can be accessed from the WEB directory. Through this vulnerability, an attacker oversteps his/her right to access or overwrite sensitive data.

Solution

At present, the manufacturer does not provide the repair solution, please pay attention to the manufacturer's home page:

https://bitbucket.org/