Vulnerabilities > Atlassian > Fisheye > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-11 | CVE-2017-14588 | Cross-site Scripting vulnerability in Atlassian Fisheye Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter. | 6.1 |
| 2017-10-11 | CVE-2017-14587 | Cross-site Scripting vulnerability in Atlassian Fisheye The administration user deletion resource in Atlassian Fisheye and Crucible before version 4.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the uname parameter. | 5.4 |
| 2017-08-24 | CVE-2017-9510 | Cross-site Scripting vulnerability in Atlassian Fisheye The repository changelog resource in Atlassian Fisheye before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the start date and end date parameters. | 5.4 |
| 2017-08-24 | CVE-2017-9509 | Cross-site Scripting vulnerability in Atlassian Crucible The review file upload resource in Atlassian Crucible before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the charset of a previously uploaded file. | 5.4 |
| 2017-08-24 | CVE-2017-9508 | Cross-site Scripting vulnerability in Atlassian Crucible and Fisheye Various resources in Atlassian Fisheye and Crucible before version 4.4.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a repository or review file. | 5.4 |
| 2017-08-24 | CVE-2017-9507 | Cross-site Scripting vulnerability in Atlassian Crucible The review dashboard resource in Atlassian Crucible from version 4.1.0 before version 4.4.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the review filter title parameter. | 5.4 |