CVE-2017-14587 is a vulnerability in Atlassian Crucible
Published on October 11, 2017

The administration user deletion resource in Atlassian Fisheye and Crucible before version 4.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the uname parameter.

NVD

Products Associated with CVE-2017-14587

Want to know whenever a new CVE is published for Atlassian Crucible? stack.watch will email you.

Atlassian Crucible

Affected Versions

Atlassian Fisheye and Crucible Version All versions prior to version 4.4.2 is affected by CVE-2017-14587

Exploit Probability

EPSS

0.20%

Percentile

41.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-14587 is a vulnerability in Atlassian CruciblePublished on October 11, 2017

Products Associated with CVE-2017-14587

Affected Versions

Exploit Probability

CVE-2017-14587 is a vulnerability in Atlassian Crucible
Published on October 11, 2017