Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-69795

XSS in various templates of the Optimization plugin - CVE-2019-8450

XMLWordPrintable

      Various templates of the Optimization plugin in Jira before version 7.13.6, and from version 8.0.0 before version 8.4.0 allow remote attackers who have permission to manage custom fields to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a custom field.

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: