Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-19708

The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227

      The version of the bundled Atlassian Application Links plugin was vulnerable to XSS. See https://ecosystem.atlassian.net/browse/APL-1361 for more details.

            [BAM-19708] The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227

            Security Metrics Bot added a comment - - edited

            This is an independent assessment and you should evaluate its applicability to your own IT environment.

            CVSS v3 score: 6.8 => Medium severity

            Exploitability Metrics

            Attack Vector Network
            Attack Complexity Low
            Privileges Required High
            User Interaction Required

            Scope Metric

            Scope Unchanged

            Impact Metrics

            Confidentiality High
            Integrity High
            Availability High

            https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

            Security Metrics Bot added a comment - - edited This is an independent assessment and you should evaluate its applicability to your own IT environment. CVSS v3 score: 6.8 => Medium severity Exploitability Metrics Attack Vector Network Attack Complexity Low Privileges Required High User Interaction Required Scope Metric Scope Unchanged Impact Metrics Confidentiality High Integrity High Availability High https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

              achystoprudov Alexey Chystoprudov
              security-metrics-bot Security Metrics Bot
              Affected customers:
              0 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: