XSS Vulnerability in JIRA Issue Export

XMLWordPrintable

    • 7.02
    • 2
    • Severity 3 - Minor

      A search endpoint is vulnerable to an XSS injection in certain cases.

      Normally, the browser will urlencode its requests, but some proxy servers and load balancers will decode URL data by default. (see http://stackoverflow.com/questions/31266629/nginx-encoding-normalizing-part-of-uri)

              Assignee:
              Kamil Kolonko
              Reporter:
              Micah Figone
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: