CVE-2011-4822

CVE-2011-4822 involves multiple cross-site scripting (XSS) vulnerabilities in the Atlassian FishEye user profile feature prior to version 2.5.5. The issue allows remote attackers to inject arbitrary web script or HTML via two vectors: (1) snippets in a user comment that are not properly sanitized...