VYPR
Medium severity6.1NVD Advisory· Published Feb 16, 2018· Updated Jun 17, 2026

CVE-2017-18090

CVE-2017-18090

Description

Various resources in Atlassian Fisheye before version 4.5.1 (the fixed version for 4.5.x) and before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a commit author.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Atlassian/Fisheyellm-fuzzy2 versions
    <4.5.1, <4.6.0+ 1 more
    • (no CPE)range: <4.5.1, <4.6.0
    • (no CPE)range: prior to 4.5.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.