PublicCVE
Log inSign up

CVE-2018-20241

UNRATEDJSON exportCreate alert

Description

The Edit upload resource for a review in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the wbuser parameter.

Affected products

References