GHSA-w37q-9jx3-6cgj
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
The administration user deletion resource in Atlassian Fisheye and Crucible before version 4.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the uname parameter.
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: July 29, 2025 6:37 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.