Atlassian Crucible

All versions prior to version 4.4.1

OTHER 1 CVE

From version 4.1.0 before version 4.4.1.

OTHER 1 CVE

CVE-2017-9507

The review dashboard resource in Atlassian Crucible from version 4.1.0 before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the review filter title parameter.

UNKNOWN Aug 24, 2017

CVE-2017-9509

The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the charset of a previously uploaded file.

UNKNOWN Aug 24, 2017