CVE-2017-18082

Summary

The plan configure branches resource in Atlassian Bamboo before version 6.2.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a branch.

Affected Software

VendorProductVersion RangeStatus
AtlassianBambooprior to 6.2.3affected

Weaknesses

  • Cross Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References