Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) the user profile display name, which is not properly handled in a FishEye page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian FishEye多个跨站脚本漏洞
Vulnerability Description
Atlassian FishEye 2.5.5之前版本中的用户属性中存在多个跨站脚本漏洞。远程攻击者可以借助(1) 用户评论中的没有在Confluence页中适当处理的代码片段或者(2)没有在FishEye页中适当处理的用户属性显示名来注入任意web脚本或者HTML。
CVSS Information
N/A
Vulnerability Type
N/A