Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-69795

XSS in various templates of the Optimization plugin - CVE-2019-8450

XMLWordPrintable

      Various templates of the Optimization plugin in Jira before version 7.13.6, and from version 8.0.0 before version 8.4.0 allow remote attackers who have permission to manage custom fields to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a custom field.

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: