Crucible Security Vulnerabilities and Issues — Crucible CVE List

Lucene search

AtlassianCrucible

2 matches found

CVE•added 2019/02/20 3:0 p.m.•39 views

CVE-2018-20241

The Edit upload resource for a review in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the wbuser parameter.

5.4CVSS5.3AI score0.00226EPSS

CVE•added 2019/02/20 3:0 p.m.•37 views

CVE-2018-20240

The administrative linker functionality in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the href parameter.

4.8CVSS4.9AI score0.00205EPSS