Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Fisheye和Crucible 跨站脚本漏洞
Vulnerability Description
Atlassian Fisheye和Crucible都是澳大利亚Atlassian公司的产品。Atlassian Fisheye是一套源代码深度查看软件。Crucible是一套代码审查工具。 Atlassian FishEye和Crucible 4.4.1之前的版本中的多个资源库存在跨站脚本漏洞。远程攻击者可借助repository或review文件的名称利用该漏洞注入任意的HTML或JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A