CVE-2017-18081
Affected product: Atlassian Bamboo (signupUser resource). Vulnerable in versions before 6.3.1 due to a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary HTML/JavaScript via the csrf token cookie value. Impact is the ability to execute script in a victim’s browser, p...