Arbitrary Code Execution via Serialized Data in Atlassian Bamboo

Arbitrary Code Execution via Serialized Data in Atlassian Bamboo

CVE-2015-8360 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 allows remote attackers to execute arbitrary Java code via serialized data to the JMS port.

Learn more about our Web Application Penetration Testing UK.