CVE-2017-18091

CVE-2017-18091

The admin backupprogress action in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allows remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the filename of a backup.

Source: CVE-2017-18091

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다