Lucene search
AtlassianCVELIST:CVE-2018-20240HistoryFeb 15, 2019 - 12:00 a.m.
CVE-2018-20240
2019-02-1500:00:00
atlassian
www.cve.org
0.001 Low
EPSS
Percentile
35.7%
The administrative linker functionality in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the href parameter.
CNA Affected
[
{
"product": "Fisheye and Crucible",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "4.7.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
cve
cve
CVE-2018-20240
2019-02-20 14:29:00
nvd
nvd
CVE-2018-20240
2019-02-20 14:29:00
prion
prion
Cross site scripting
2019-02-20 14:29:00