CVE-2017-18091
CVE-2017-18091 affects Atlassian Fisheye and Crucible where the admin-backup progress action allows an attacker with administrative privileges to inject arbitrary HTML or JavaScript via the backup filename (XSS). The vulnerability exists in versions earlier than 4.4.3 (the fixed release for the 4...