[BAM-19708] The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227 - Create and track feature requests for Atlassian products.

We couldn't load the project sidebar. Refresh the page to try again.
If the problem persists, contact your Jira admin.

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 6.5.0
Affects Version/s: None
Component/s: None
Labels:

Symptom Severity:
Severity 1 - Critical
Bug Fix Policy:
View Atlassian Server bug fix policy

The version of the bundled Atlassian Application Links plugin was vulnerable to XSS. See https://ecosystem.atlassian.net/browse/APL-1361 for more details.

is related to

JRASERVER-66827 The bundled Atlassian Application Links plugin had various XSS issues - CVE-2018-5227

Closed

APL-1361 XSS in various administrative application link resources through the display url of a configured application link - CVE-2018-5227

Done

APL-1356 Failed to load

Form Name

No work has yet been logged on this issue.

Assignee:: Alexey Chystoprudov

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 1 Start watching this issue

Created:: 22/Feb/2018 5:21 AM

Updated:: 01/Jun/2023 1:34 PM

Resolved:: 23/Feb/2018 8:55 AM