Vulnerability in Atlassian Application Links
CVE-2017-18111
The OAuthHelper in Atlassian Application Links before version 5.0.10, from version 5.1.0 before version 5.1.3, and from version 5.2.0 before version 5.2.6 used an XML document builder that was vulnerable to XXE when consuming a client OAut…
EPSS: 0.001 (33.9th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Application Links — versions unspecified, 5.1.0, 5.2.0
References
- ecosystem.atlassian.net/browse/APL-1338 (x_refsource_MISC)