Atlassian Bitbucket Server 4.x < 4.7.1 Directory Traversal
Medium Nessus Network Monitor Plugin ID 9940
Synopsis
The remote Bitbucket server is affected by a directory traversal vulnerability.
Description
Versions of Bitbucket 4.x prior to 4.7.1 contain a flaw that allows traversal outside of a restricted path. The issue is due to the program not properly sanitizing user input, specifically path traversal sequences (e.g. '../'), when handling user repository pull requests. With a specially crafted request, an authenticated remote attacker can read the first line of arbitrary files.
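As an added illustration of the flaw class described above (this is not code from the Nessus plugin or from Bitbucket), the unchecked join that lets '../' escape a repository directory is shown beside a hardened join that resolves the path and verifies containment before any file is opened. The directory layout, file names and contents are constructed for the demo.

```python
import os
import tempfile
from pathlib import PurePosixPath


class PathTraversalError(ValueError):
    """Raised when a user-supplied path would resolve outside the restricted base."""


def unsafe_join(base: str, user_path: str) -> str:
    # The flawed pattern: the user-controlled segment is joined without any check,
    # so a '../' sequence walks out of the repository directory.
    return os.path.join(base, user_path)


def safe_join(base: str, user_path: str) -> str:
    """Resolve user_path inside base, or raise PathTraversalError."""
    base_real = os.path.realpath(base)
    # Absolute paths and NUL bytes are never legitimate repository-relative names.
    if "\x00" in user_path or PurePosixPath(user_path).is_absolute():
        raise PathTraversalError(user_path)
    # realpath collapses '..' and follows symlinks before the containment check,
    # so the decision is made on where the path actually lands.
    candidate = os.path.realpath(os.path.join(base_real, user_path))
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise PathTraversalError(user_path)
    return candidate


def first_line_of(base: str, user_path: str) -> str:
    """Read the first line of a file under base, refusing traversal."""
    with open(safe_join(base, user_path), encoding="utf-8") as fh:
        return fh.readline().rstrip("\n")


def demo() -> dict:
    """Constructed layout: <tmp>/repos/proj/README.md plus <tmp>/secret.txt outside it."""
    tmp = os.path.realpath(tempfile.mkdtemp())
    repo = os.path.join(tmp, "repos", "proj")
    os.makedirs(repo)
    with open(os.path.join(repo, "README.md"), "w", encoding="utf-8") as fh:
        fh.write("# proj\nbody\n")
    with open(os.path.join(tmp, "secret.txt"), "w", encoding="utf-8") as fh:
        fh.write("do-not-leak\n")
    escaped = os.path.realpath(unsafe_join(repo, "../../secret.txt"))
    try:
        safe_join(repo, "../../secret.txt")
        blocked = False
    except PathTraversalError:
        blocked = True
    return {
        "legit": first_line_of(repo, "README.md"),
        "unsafe_lands_outside": not escaped.startswith(repo + os.sep),
        "safe_blocks": blocked,
    }
```

The containment check on the resolved path, rather than a blacklist of '../' substrings, is what closes encoded and symlink variants of the same escape.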
Solution
Upgrade to Bitbucket version 4.7.1 or later.