Vulnerabilities > Atlassian > Crucible > 4.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-24 | CVE-2018-5228 | Cross-site Scripting vulnerability in Atlassian Fisheye The /browse/~raw resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the handling of response headers. | 6.1 |
| 2018-03-29 | CVE-2018-5223 | Improper Input Validation vulnerability in Atlassian Crucible and Fisheye Fisheye and Crucible did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. | 7.2 |