Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2017-08-24T17:00:00Z
Updated: 2024-09-17T03:23:29.429Z
Reserved: 2017-06-07T00:00:00
Link: CVE-2017-9508
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-08-24T17:29:00.273
Modified: 2020-11-25T14:15:12.233
Link: CVE-2017-9508
Redhat
No data.