Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-66719

XSS in the IncomingMailServers resource through the messagesThreshold parameter - CVE-2017-18039

    XMLWordPrintable

Details

    Description

      The IncomingMailServers resource in Atlassian JIRA from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter .

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-67526 XSS in IncomingMailServer resource - CVE-2018-13387

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: