...
Subversion ALM is subscribed to Atlassian’s Bug Bounty program and some vulnerable locations have been reported by the BugCrowd organization. Now, the atls_token is required from a lot of locations in Subversion ALM to protect against data modification via CSRF attacks. The vulnerability has been ranked with a P2 severity level
Please upgrade to the 9.0.8 version to fix them.
...