-
Bug
-
Resolution: Fixed
-
Medium
-
None
-
None
-
Severity 2 - Major
-
Various resources in Atlassian FishEye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter.
- was cloned as
-
CRUC-8113 XSS in various resources through the dialog parameter - CVE-2017-14588
- Closed