exploitDog

GHSA-4x33-wj73-4gxp

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

The repository changelog resource in Atlassian Fisheye before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the start date and end date parameters.

The repository changelog resource in Atlassian Fisheye before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the start date and end date parameters.

Ссылки

EPSS

Процентиль: 49%

0.00257

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-9510

CVSS3: 5.4

nvd

больше 8 лет назад

The repository changelog resource in Atlassian Fisheye before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the start date and end date parameters.

EPSS

Процентиль: 49%

0.00257

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79