The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0 before 3.7.1 allows remote attackers to perform a Denial of Service attack via an XML Entity Expansion vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2020-02-06T03:10:24.881912Z
Updated: 2024-09-16T17:04:16.877Z
Reserved: 2019-12-30T00:00:00
Link: CVE-2019-20104
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-02-06T03:15:10.123
Modified: 2024-11-21T04:38:04.280
Link: CVE-2019-20104
Redhat
No data.