-
Type:
Bug
-
Resolution: Fixed
-
Priority:
High
-
Affects Version/s: 7.5.0
-
Component/s: Jira Importers Plugin
-
7.05
-
Severity 2 - Major
The Trello board importer resource in Atlassian Jira before version 7.6.1 and before version 7.7.0 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.