Details
-
Bug
-
Resolution: Fixed
-
Medium
-
None
-
None
-
Severity 2 - Major
-
Description
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in linked issue keys.
Attachments
Issue Links
- is related to
-
CRUC-8304 Several resources were vulnerable to XSS - CVE-2018-13392
-
- Closed
-