3 matches found
CVE-2018-5229
The CVE concerns Atlassian Universal Plugin Manager (UPM). The vulnerability is a Cross-Site Scripting (XSS) in the NotificationRepresentationFactoryImpl class that affects UPM versions before 2.22.9, allowing an attacker to inject arbitrary HTML/JavaScript via user-submitted add-on names. Public...
CVE-2018-5229
The NotificationRepresentationFactoryImpl class in Atlassian Universal Plugin Manager before version 2.22.9 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the name of user submitted add-on names...
The bundled Atlassian Universal Plugin Manager plugin had a XSS issue - CVE-2018-5229
The version of the bundled Atlassian Universal Plugin Manager plugin had a cross site scripting vulnerability XSS. See https://ecosystem.atlassian.net/browse/UPM-5871 for more details...