Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The view review history resource in Atlassian Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the invited reviewers for a review.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Crucible 跨站脚本漏洞
Vulnerability Description
Atlassian Crucible是澳大利亚Atlassian公司的一套代码审查工具。该工具提供审查代码、讨论变化、分享知识和识别缺陷等审查流程。 Atlassian Crucible 4.4.3之前的4.4.x版本和4.5.0版本中的view review history资源存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的HTML或JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A