CySec News A critical command injection vulnerability in a Bitbucket product could allow an attacker to execute arbitrary code, researchers warn. Bitbucket is a Git-based source code repository hosting service owned by Atlassian. The flaw, tracked as CVE-2022-36804, is a command injection vulnerability in multiple API endpoints of Bitbucket Server and Data Center. Reference: https://portswigger.net/daily-swig/critical-command-injection-vulnerability-discovered-in-bitbucket-server-and-data-center […]