Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 4.7.3, 4.8.0
Affects Version/s: N/A
Component/s: Projects
Labels:
- CVE-2019-15008
- advisory
- advisory-released
- bugbounty
- cvss-high
- security
- xss

Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

The /plugins/servlet/branchreview resource in Atlassian Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the reviewedBranch parameter.

is related to

FE-7251 XSS in the /plugins/servlet/branchreview resource through the reviewedBranch parameter - CVE-2019-15008

Closed

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 10/Dec/2019 2:16 AM

Updated:: 11/Dec/2019 1:42 AM

Resolved:: 10/Dec/2019 2:18 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates