Vulnerability in Atlassian Bamboo
CVE-2017-18082
The plan configure branches resource in Atlassian Bamboo before version 6.2.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a branch.
EPSS: 0.002 (37.1th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Bamboo — versions prior to 6.2.3
References
- jira.atlassian.com/browse/BAM-19666 (x_refsource_CONFIRM)