Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the charset of a previously uploaded file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Crucible review file upload resource 跨站脚本漏洞
Vulnerability Description
Atlassian Crucible是澳大利亚Atlassian公司的一套代码审查工具。该工具提供审查代码、讨论变化、分享知识和识别缺陷等审查流程。review file upload resource是其中的一个上传文件资源库。 Atlassian Crucible 4.4.1之前的版本中的review file upload resource存在跨站脚本漏洞。远程攻击者可借助之前上传文件的字符集利用该漏洞注入任意的HTML或JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A