Description
A security issue and two vulnerabilities have been reported in FishEye and Crucible, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions.
1) Certain input related to the user profile display name is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when the malicious data is viewed.
2) Certain input related to snippets in a user's comment is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when the malicious data is viewed.
Vulnerabilities #1 and #2 are reported in versions prior to 2.5.5.
3) An error due to the application not restricting access to changesets or reviews can be exploited to read metadata from repositories or projects via tooltips.
This vulnerability is reported in versions 2.4.6 through 2.5.6.