Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-19708

The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227

      The version of the bundled Atlassian Application Links plugin was vulnerable to XSS. See https://ecosystem.atlassian.net/browse/APL-1361 for more details.

            [BAM-19708] The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227

            Anonymous made changes -
            Remote Link Original: This issue links to "APL-1361 (Ecosystem Jira)" [ 360587 ] New: This issue links to "APL-1361 (Ecosystem JIRA)" [ 360587 ]
            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Bamboo Workflow 2016 v1 - Restricted [ 2635297 ] New: JAC Bug Workflow v3 [ 3383967 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Symptom Severity Original: Critical [ 14430 ] New: Severity 1 - Critical [ 15830 ]
            David Black made changes -
            Link New: This issue is related to JRASERVER-66827 [ JRASERVER-66827 ]
            David Black made changes -
            Labels Original: CVE-2018-5227 advisory advisory-released bugbounty cvss-medium security security-bot-created xss New: CVE-2018-5227 advisory advisory-released bugbounty cvss-medium patch-management security security-bot-created xss
            David Black made changes -
            Labels Original: advisory advisory-released bugbounty cvss-medium security security-bot-created xss New: CVE-2018-5227 advisory advisory-released bugbounty cvss-medium security security-bot-created xss
            David Black made changes -
            Security Original: Reporter and Atlassian Staff [ 10751 ]
            David Black made changes -
            Description Original: Application Links needs to be updated see https://ecosystem.atlassian.net/browse/APL-1356. The affected version(s) of Application Links is/are before version 5.4.4. New: The version of the bundled Atlassian Application Links plugin was vulnerable to XSS. See https://ecosystem.atlassian.net/browse/APL-1361 for more details.
            David Black made changes -
            Labels Original: bugbounty cvss-medium security security-bot-created xss New: advisory advisory-released bugbounty cvss-medium security security-bot-created xss
            David Black made changes -
            Summary Original: Update application links to fix https://ecosystem.atlassian.net/browse/APL-1356 New: The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227

              achystoprudov Alexey Chystoprudov
              security-metrics-bot Security Metrics Bot
              Affected customers:
              0 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: