-
Public Security Vulnerability
-
Resolution: Fixed
-
Low (View bug fix roadmap)
-
8.20.3
-
None
-
5.9
-
Medium
-
CVE-2021-43945
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint.
The affected versions are before version 8.20.3.
Affected versions:
- version < 8.20.3
Fixed versions:
- 8.20.3
- 8.21.0
Stored XSS on /rest/jpo/1.0/hierarchyConfiguration via issueTypes parameter - CVE-2021-43945
-
-
Resolution: Fixed
-
Low
-
8.20.3
-
None
-
5.9
-
Medium
-
CVE-2021-43945
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint.
The affected versions are before version 8.20.3.
Affected versions:
- version < 8.20.3
Fixed versions:
- 8.20.3
- 8.21.0
-
Unassigned
-
Security Metrics Bot
- Votes:
-
0 Vote for this issue
- Watchers:
-
3 Start watching this issue
- Created:
- Updated:
- Resolved: