Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 8.9.0, 8.8.2, 8.5.9
Affects Version/s: 8.5.1, 8.5.3
Component/s: Issue - Fields
Labels:

Fixed in Long Term Support Release/s:

Download 8.5
Introduced in Version:
8.05
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the WYSIWYG editor.

The affected versions are before 8.5.9, and from version 8.6.0 before 8.8.2.

Affected versions:

version < 8.5.9
8.6.0 ≤ version < 8.8.2

Fixed versions:

8.5.9
8.8.2
8.9.0

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Due:: 14/Sep/2020

Created:: 16/Jun/2020 2:46 AM

Updated:: 08/Mar/2021 3:51 PM

Resolved:: 17/Jun/2020 3:36 AM