Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The admin backupprogress action in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allows remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the filename of a backup.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Fisheye和Crucible 跨站脚本漏洞
Vulnerability Description
Atlassian FishEye和Crucible都是澳大利亚Atlassian公司的产品。FishEye是一套源代码库深度查看软件。Crucible是一套代码审查工具。 Atlassian Fisheye和Crucible 4.4.3之前的4.4.x版本和4.5.0之前版本中的备份文件名存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的JavaScript脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A