CVSS: 6.1EPSS: 0%CPEs: 56EXPL: 0CVE-2011-4822
https://notcve.org/view.php?id=CVE-2011-4822
15 Dec 2011 — Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) the user profile display name, which is not properly handled in a FishEye page. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en la funcionalidad de perfil de usuario de Atlassian FishEye en versiones anterior... • http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-11-22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •