Atlassian Bamboo is prone to a remote vulnerability that allows attackers to take advantage of a deserialization vulnerability present in the commons-collections Java library.
By exploiting known methods, it is possible to remotely load a InvokerTransformer Java class, which allows the execution of system commands.
By exploiting known methods, it is possible to remotely load a InvokerTransformer Java class, which allows the execution of system commands.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name