CVE-2017-18093 is a vulnerability in Atlassian Crucible
Published on February 19, 2018

Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allow remote attackers who have permission to add or modify a repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the location setting of a configured repository.

NVD

Products Associated with CVE-2017-18093

Want to know whenever a new CVE is published for Atlassian Crucible? stack.watch will email you.

Atlassian Crucible

Affected Versions

Atlassian Fisheye and Crucible:

Version prior to 4.4.3 is affected.
Version prior to 4.5.0 is affected.

Exploit Probability

EPSS

0.18%

Percentile

39.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-18093 is a vulnerability in Atlassian CruciblePublished on February 19, 2018

Products Associated with CVE-2017-18093

Affected Versions

Exploit Probability

CVE-2017-18093 is a vulnerability in Atlassian Crucible
Published on February 19, 2018