Atlassian : Security Vulnerabilities, CVEs, Published In 2011 (XSS)
Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) the user profile display name, which is not properly handled in a FishEye page.
Max CVSS
4.3
EPSS Score
0.31%
Published
2011-12-15
Updated
2017-08-29
1 vulnerabilities found