XSS vulnerability in Crucible's Snippets
We have identified and fixed a cross-site scripting XSS vulnerability in the Crucible Snippets. Affected versions are Crucible 2.4.5 to 2.5.0 inclusive. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a FishEye/Crucible page. You can read more about XSS attack...