Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian fisheye vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-15008
The /plugins/servlet/branchreview resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the reviewedBranch parameter.
Atlassian Crucible
Atlassian Fisheye
6.1
CVSSv3
CVE-2018-13392
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in linked issue keys.
Atlassian Fisheye
Atlassian Crucible
6.1
CVSSv3
CVE-2018-5228
The /browse/~raw resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the handling of response headers.
Atlassian Fisheye
Atlassian Crucible
6.1
CVSSv3
CVE-2017-18090
Various resources in Atlassian Fisheye before version 4.5.1 (the fixed version for 4.5.x) and before version 4.6.0 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a commit author.
Atlassian Fisheye 4.5.0
6.1
CVSSv3
CVE-2017-14588
Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter.
Atlassian Fisheye
Atlassian Crucible
5.4
CVSSv3
CVE-2020-4013
The review resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote malicious users to inject arbitrary HTML or Javascript via a cross site scripting (XSS) vulnerability through the review objectives.
Atlassian Crucible
Atlassian Fisheye
5.4
CVSSv3
CVE-2020-4023
The review coverage resource in Atlassian Fisheye and Crucible before version 4.8.2 allows remote malicious users to inject arbitrary HTML or Javascript via a cross site scripting (XSS) vulnerability through the committerFilter parameter.
Atlassian Crucible
Atlassian Fisheye
5.4
CVSSv3
CVE-2018-20239
Application Links before version 5.0.11, from version 5.1.0 prior to 5.2.10, from version 5.3.0 prior to 5.3.6, from version 5.4.0 prior to 5.4.12, and from version 6.0.0 prior to 6.0.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scriptin...
Atlassian Application Links
Atlassian Fisheye
Atlassian Crucible
Atlassian Jira Server
Atlassian Jira Data Center
Atlassian Confluence Data Center
Atlassian Confluence Server
Atlassian Crowd
5.4
CVSSv3
CVE-2018-20241
The Edit upload resource for a review in Atlassian Fisheye and Crucible before version 4.7.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the wbuser parameter.
Atlassian Fisheye
Atlassian Crucible
5.4
CVSSv3
CVE-2018-13388
The review attachment resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in attached files.
Atlassian Fisheye
Atlassian Crucible
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »