bitbucket
Bitbucket CSRF on SSH Add Key Endpoint via superdomain cookie
In October 2022 I found a pretty specific CSRF vulnerability on Bitbucket Server (the self hosted version). Since it has now been patched, here are the details.
ReadIn October 2022 I found a pretty specific CSRF vulnerability on Bitbucket Server (the self hosted version). Since it has now been patched, here are the details.
Read