CVE-2018-5229

2018-07-16T13:29:00
ID CVE-2018-5229
Type cve
Reporter cve@mitre.org
Modified 2018-09-12T16:39:00

Description

The NotificationRepresentationFactoryImpl class in Atlassian Universal Plugin Manager before version 2.22.9 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of user submitted add-on names.