Loading...

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 7.6.7, 7.10.1, 7.11.0
Affects Version/s: 7.2.12, 7.8.1
Component/s: Issue - Fields
Labels:
- CVE-2018-5232
- advisory
- advisory-released
- cvss-medium
- rxss
- security
- triaged
- xss

Fixed in Long Term Support Release/s:

Download 7.6
Introduced in Version:
7.02
Symptom Severity:
Severity 2 - Major

The EditIssue.jspa resource in Atlassian Jira Server before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuetype parameter.

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 3 Start watching this issue

Due:: 01/Aug/2018
Created:: 06/Jun/2018 12:35 AM
Updated:: 22/May/2020 8:25 AM
Resolved:: 13/Jun/2018 9:35 AM

Details

Description

Attachments

Activity

People

Dates