[BAM-19661] XSS in the viewDeploymentVersionCommits resource through the name of a release - CVE-2017-18040 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 6.2.0
Affects Version/s: None
Component/s: None
Labels:

Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

The viewDeploymentVersionCommits resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.

No work has yet been logged on this issue.

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 1 Start watching this issue

Created:: 02/Feb/2018 12:11 AM

Updated:: 19/Aug/2019 2:01 AM

Resolved:: 02/Feb/2018 3:12 AM

Details

Description

Attachments

Forms

Activity

[BAM-19661] XSS in the viewDeploymentVersionCommits resource through the name of a release - CVE-2017-18040

People

Dates