CWD-4879 – Getting issue details STATUS: Crowd has released the following versions containing a fix: Crowd version 2.9.7, 2.10.3 and 2.11.1. Customers who have downloaded and installed Crowd from 2.8.3 before 2.7.7 are affected by this vulnerability. Atlassian Cloud instances aren’t affected by the issue described on this page. If affected, you should upgrade to the latest version of Crowd immediately. If you’re running Crowd 210.1 or 211.0, upgrade to version 29.3.0.”]
Source: https://confluence.atlassian.com/crowd/crowd-security-advisory-2017-03-10-876857916.html