-
Bug
-
Resolution: Fixed
-
Medium
-
4.3.1, 4.4.0
-
None
-
Severity 3 - Minor
-
Various resources in Atlassian FishEye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file.
- is cloned from
-
CRUC-8044 Various XSS through a repository or review filename - CVE-2017-9508
- Closed