A vulnerability was found in Atlassian Bitbucket Server and Data Center. It has been classified as critical. Affected is an unknown function of the component Environment Variable Handler. The manipulation of the argument username leads to command injection.
This vulnerability is traded as CVE-2022-43781. The attack can only be initiated within the local network. Furthermore, there is an exploit available.