The host is installed with Bamboo CI server before 6.2.3 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the plan configure branches resource. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript via a cross site scripting vulnerability through the name of a branch.