jquery 2.2.4 XSS vulnerability

XMLWordPrintable

    • Severity 3 - Minor

      Affected versions of Bitbucket Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.

      A jquery patch has been applied for Bitbucket versions >= 7.10.0.

            Assignee:
            Unassigned
            Reporter:
            Themis
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: