Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-61861

CVE-2016-4318: XSS vulnerability in role name on /project/ViewDefaultProjectRoleActors.jspa

    XMLWordPrintable

    Details

      Description

      NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report.

      A JIRA administrator(a user who is a member of the jira-administrators group) can create a persistent XSS that affects the /project/ViewDefaultProjectRoleActors.jspa resource through a role name.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                lukasz.plonka324392336 lukasz.plonka324392336
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: