jquery 2.2.4 XSS vulnerability

XMLWordPrintable

    • Severity 3 - Minor

      Affected versions of Bitbucket Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.

      A jquery patch has been applied for Bitbucket versions >= 7.10.0.

              Assignee:
              Unassigned
              Reporter:
              Themis
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: