Atlassian Crucible vulnerabilities
2 known vulnerabilities affecting atlassian/atlassian_crucible.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-9509MEDIUMCVSS 5.4vAll versions prior to version 4.4.12017-08-24
CVE-2017-9509 [MEDIUM] CWE-79 CVE-2017-9509: The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers t
The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the charset of a previously uploaded file.
cvelistv5nvd
CVE-2017-9507MEDIUMCVSS 5.4vFrom version 4.1.0 before version 4.4.1.2017-08-24
CVE-2017-9507 [MEDIUM] CWE-79 CVE-2017-9507: The review dashboard resource in Atlassian Crucible from version 4.1.0 before version 4.4.1 allows r
The review dashboard resource in Atlassian Crucible from version 4.1.0 before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the review filter title parameter.
cvelistv5nvd