Details
-
Public Security Vulnerability
-
Status: Published (View Workflow)
-
Low
-
Resolution: Fixed
-
8.13.4, 8.5.12
-
None
-
5.4
-
Medium
-
CVE-2021-26080
Description
Affected versions of Jira Server and Jira Data Center have a XSS vulnerability in the EditWorkflowScheme.jspa component which allows remote attackers to inject arbitrary HTML or JavaScript:
Affected versions:
- version < 8.5.14
- 8.6.0 ≤ version < 8.13.6
- 8.14.0 ≤ version < 8.16.1
Fixed versions:
- 8.5.14
- 8.13.6
- 8.16.1
This vulnerability is attributed to Matteo Sebasta.
Attachments
Issue Links
- mentioned in
-
Page Loading...