XSS vulnerabilty in JIRA Misc Workflow Extensions

XMLWordPrintable

    • 5.4

      There is a XSS vulnerability in the JIRA Misc Workflow Extensions plugin on the "Add Parameters To Validator" page.
      Validators / Add / Comment Required Validator

      The group names are not escaped and allow execution of Javascript.

      Affects: JIRA Misc Workflow Extensions 2.5.5.1

              Assignee:
              Unassigned
              Reporter:
              David Fischer
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: