-
Type:
Public Security Vulnerability
-
Resolution: Fixed
-
Priority:
Low
-
Affects Version/s: 8.5.13, 8.13.5, 8.15.1, 8.16.0
-
Component/s: None
-
4.4
-
Medium
-
CVE-2021-26083
Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in Export HTML Report feature.
The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1.
Affected versions:
- version < 8.5.14
- 8.6.0 ≤ version < 8.13.6
- 8.14.0 ≤ version < 8.16.1
Fixed versions:
- 8.5.14
- 8.13.6
- 8.16.1
- 8.17.0