Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.15.0
Affects Version/s: 8.0.0, 8.5.0, 8.13.0, 8.14.0
Component/s: None
Labels:

CVSS Score:
5
CVSS Severity:
Medium
CVE ID:
CVE-2020-11022

Affected versions of Atlassian Jira Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.

The affected versions are before version 8.15.0.

Affected versions:

version < 8.15.0

Fixed versions:

8.15.0

is related to

JSWSERVER-20505 Security vulnerabilities exist in Javascript libraries used in Jira Software (8.8.0)

Closed

JRASERVER-67820 Security vulnerabilities exist in Javascript libraries used in Jira Server (7.11.2)

Gathering Interest

mentioned in: Page Loading...; Page Loading...; Page Loading...

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 30 Start watching this issue

Created:: 02/Feb/2021 9:59 AM
Updated:: 17/Nov/2025 8:14 PM
Resolved:: 04/Feb/2021 1:13 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates