Details
-
Type:
Public Security Vulnerability
-
Status: Published (View Workflow)
-
Priority:
Low
-
Resolution: Fixed
-
Affects Version/s: 8.5.0, 8.5.3, 8.13.0, 8.12.3
-
Component/s: None
-
CVSS Score:8.2
-
CVSS Severity:High
Description
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints.
The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.
Affected versions:
- version < 8.5.11
- 8.6.0 ≤ version < 8.13.3
- 8.14.0 ≤ version < 8.15.0
Fixed versions:
- 8.5.11
- 8.13.3
- 8.15.0
Attachments
Issue Links
- mentioned in
-
Page Loading...