exploitDog

GHSA-frqp-667v-9r36

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter.

Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter.

Ссылки

EPSS

Процентиль: 47%

0.00239

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-14588

CVSS3: 6.1

nvd

больше 8 лет назад

Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter.

EPSS

Процентиль: 47%

0.00239

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79