2 matches found
CVE-2017-18111
The OAuthHelper in Atlassian Application Links before version 5.0.10, from version 5.1.0 before version 5.1.3, and from version 5.2.0 before version 5.2.6 used an XML document builder that was vulnerable to XXE when consuming a client OAuth request. This allowed malicious oauth application linked...
CVE-2017-18111
The CVE-2017-18111 issue affects Atlassian Application Links: the OAuthHelper component. Versions affected include before 5.0.10, 5.1.0 before 5.1.3, and 5.2.0 before 5.2.6. The root cause is an XML document builder that is vulnerable to XML External Entity (XXE) processing when handling a client...