CVE-2017-18081

2018-02-02T14:29:00
ID CVE-2017-18081
Type cve
Reporter security@atlassian.com
Modified 2019-04-26T18:05:00

Description

The signupUser resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the value of the csrf token cookie.