CVE-2018-13388

2018-07-10T13:29:00
ID CVE-2018-13388
Type cve
Reporter cve@mitre.org
Modified 2018-09-04T17:32:00

Description

The review attachment resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in attached files.