Community Announcements have moved! To stay up to date, please join the new Community Announcements group today. Learn more

×
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Public repository contains Remote Code Execution vulnerability

Frantz Galinier-Stefani
Frantz Galinier-Stefani August 15, 2025

Hello,

The following public repository contains malicious code:
https://bitbucket.org/ethvault-tech-team/ethvault/src/master/

In file server/controllers/productController.js, the function `getCookie` downloads arbitrary code from:
https://api.mocki.io/v2/964ug6uu
and executes it locally using `new Function(...)` with `require`.

This is a Remote Code Execution vulnerability that could fully compromise a user’s machine.
The repository has been online since July 10, 2025 and is being shared with job candidates as a “technical test”.

Please investigate and take action to remove or restrict this repository.

Answer
Watch
Like Be the first to like this
173 views

1 answer

0 votes
Mikael Sandberg
Mikael Sandberg
Community Champion
August 15, 2025

Hi @Frantz Galinier-Stefani,

Welcome to Atlassian Community!

Please report this to abuse@atlassian.com and they will take action on it. Just note that the team will not reply back. 

View More Comments
Frantz Galinier-Stefani
Frantz Galinier-Stefani August 15, 2025

Ok, thx 

Like Mikael Sandberg likes this
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 17, 2025

Hi @Frantz Galinier-Stefani 

Thank you for raising this to our attention. I've just reported this directly to our anti-abuse team and will let you know the outcome.

Cheers!

- Ben (Bitbucket Cloud Support)

Like
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 17, 2025

I can confirm that the content has been taken down, and the user has been de-activated

Like
Frantz Galinier-Stefani
Frantz Galinier-Stefani August 18, 2025

Thank you Ben and the Atlassian team for your quick action and professionalism. I really appreciate the seriousness with which this issue was handled, ensuring the safety of developers and candidates. It’s reassuring to see such responsiveness from the community and support team.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security