Medium severity4.8NVD Advisory· Published Apr 10, 2018· Updated Jun 17, 2026
CVE-2018-5227
CVE-2018-5227
Description
Various administrative application link resources in Atlassian Application Links before version 5.4.4 allow remote attackers with administration rights to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the display url of a configured application link.
Affected products
2<5.4.4+ 1 more
- (no CPE)range: <5.4.4
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/103731nvdThird Party AdvisoryVDB Entry
- ecosystem.atlassian.net/browse/APL-1361nvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.