CVE-2017-18090 is a vulnerability in Atlassian Fisheye
Published on February 16, 2018

Various resources in Atlassian Fisheye before version 4.5.1 (the fixed version for 4.5.x) and before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a commit author.

NVD

Products Associated with CVE-2017-18090

Want to know whenever a new CVE is published for Atlassian Fisheye? stack.watch will email you.

Atlassian Fisheye

Affected Versions

Atlassian Fisheye:

Version prior to 4.5.1 is affected.
Version prior to 4.6.0 is affected.

Exploit Probability

EPSS

0.22%

Percentile

44.89%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-18090 is a vulnerability in Atlassian FisheyePublished on February 16, 2018

Products Associated with CVE-2017-18090

Affected Versions

Exploit Probability

CVE-2017-18090 is a vulnerability in Atlassian Fisheye
Published on February 16, 2018