Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 8.5.5, 8.9.0, 8.8.1, 7.13.16
Affects Version/s: 6.0.8, 7.0.0, 8.0.0, 8.5.4, 7.13.13, 8.8.0
Component/s: Issue - View Issue
Labels:
- advisory
- advisory-released
- bugbounty
- cve-2020-4021
- cvss-medium
- security
- sxss
- xss

Fixed in Long Term Support Release/s:

Download 7.13, 8.5
Introduced in Version:
6
Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.

Affected versions:

version < 7.13.16
8.0.0 ≤ version < 8.5.5
8.6.0 ≤ version < 8.8.1

Fixed versions:

7.13.16
8.5.5
8.8.1
8.9.0

mentioned in: Page Loading...; Page Loading...

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Due:: 19/Jul/2020

Created:: 19/Apr/2020 11:32 PM

Updated:: 13/Oct/2020 1:44 PM

Resolved:: 22/Apr/2020 6:19 PM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates