Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 7.4.4
Affects Version/s: 6.2.1, 7.4.2
Component/s: Mail Server
Labels:
- CVE-2017-18039
- advisory
- advisory-released
- bugbounty
- cvss-medium
- raid
- security
- xss

Introduced in Version:
6.02
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

The IncomingMailServers resource in Atlassian JIRA from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter .

is related to

JRASERVER-67526 XSS in IncomingMailServer resource - CVE-2018-13387

Closed

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Due:: 30/Mar/2018

Created:: 02/Feb/2018 12:10 AM

Updated:: 28/Mar/2019 12:24 AM

Resolved:: 02/Feb/2018 2:57 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates