CVE-2017-18094
CVE-2017-18094 concerns Atlassian FishEye and Crucible prior to versions 4.4.3 (for 4.4.x line) and 4.5.0, where remote attackers with administrative privileges can inject arbitrary HTML or JavaScript via a cross-site scripting (XSS) vulnerability in the base path setting of a configured filesyst...