Vulnerability in Atlassian Fisheye And Crucible
CVE-2017-18093
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allow remote attackers who have permission to add or modify a repository to inject arbitrary HTML or JavaScript via a c…
EPSS: 0.002 (39.0th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Fisheye And Crucible — versions prior to 4.5.0, prior to 4.4.3
References
- 103095 (vdb-entry, x_refsource_BID)
- jira.atlassian.com/browse/CRUC-8175 (x_refsource_CONFIRM)
- jira.atlassian.com/browse/FE-7008 (x_refsource_CONFIRM)