Vulnerability in Atlassian Bamboo
CVE-2017-18041
The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.
EPSS: 0.001 (34.5th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Bamboo — versions prior to 6.2.0
References
- 103071 (vdb-entry, x_refsource_BID)
- jira.atlassian.com/browse/BAM-19662 (x_refsource_CONFIRM)