Uploaded image for project: 'Application Links'
  1. APL-1361

XSS in various administrative application link resources through the display url of a configured application link - CVE-2018-5227

    Details

    • Testing Notes:
      Hide

      Add notes...

      Show
      Add notes...

      Description

      Various administrative application link resources in Atlassian Application Links before version 5.4.4 allow remote attackers with administration rights to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the display url of a configured application link.

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                security-metrics-bot Security Metrics Bot
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Who's Looking?