[JSDSERVER-10980] Stored XSS in "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa - CVE-2021-43943 - Create and track feature requests for Atlassian products.

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 4.21.0
Affects Version/s: 4.20.0
Component/s: None
Labels:

CVSS Score:
7.6
CVSS Severity:
High
CVE ID:
CVE-2021-43943

Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa.

The affected versions are before version 4.21.0.

Affected versions:

version < 4.21.0

Fixed versions:

4.21.0

Form Name

Neli Steinlein added a comment - 04/Apr/2022 9:12 AM

What is the actual status on LTS fix?

Neli Steinlein added a comment - 04/Apr/2022 9:12 AM What is the actual status on LTS fix?

Neli Steinlein added a comment - 10/Mar/2022 1:13 PM

Any updates on LTS fix?

Neli Steinlein added a comment - 10/Mar/2022 1:13 PM Any updates on LTS fix?

Security Metrics Bot made changes - 27/Feb/2022 8:28 PM

CVE ID

New: CVE-2021-43943

Michael Aglas added a comment - 25/Feb/2022 7:36 AM

At it is not mentioned at all, as always, what about LTS? Is there a rough schedule when to expect this being solved in LTS?

PS: Please improve your CVE handling in Jira for your customers, please. See JRASERVER-73182.

Michael Aglas added a comment - 25/Feb/2022 7:36 AM At it is not mentioned at all, as always, what about LTS? Is there a rough schedule when to expect this being solved in LTS? PS: Please improve your CVE handling in Jira for your customers, please. See JRASERVER-73182 .

AB made changes - 24/Feb/2022 4:39 AM

Resolution		New: Fixed [ 1 ]
Security	Original: Atlassian Staff [ 10750 ]
Status	Original: Draft [ 12872 ]	New: Published [ 12873 ]

AB made changes - 24/Feb/2022 4:39 AM

Summary

Original: Stored XSS in "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa - CVE registration for this issue is already in progress

New: Stored XSS in "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa - CVE-2021-43943

AB made changes - 30/Dec/2021 4:51 AM

Summary

Original: Stored XSS in "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa - Jira Service Management Server

New: Stored XSS in "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa - CVE registration for this issue is already in progress

AB added a comment - 30/Dec/2021 4:51 AM - edited

This is an independent assessment and you should evaluate its applicability to your own IT environment.

CVSS v3 score: 6.7 => Medium severity

Exploitability Metrics

Attack Vector	Local
Attack Complexity	Low
Privileges Required	High
User Interaction	None

Scope Metric

Scope	Changed

Impact Metrics

Confidentiality	High
Integrity	Low
Availability	None

https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N

AB added a comment - 30/Dec/2021 4:51 AM - edited This is an independent assessment and you should evaluate its applicability to your own IT environment. CVSS v3 score: 6.7 => Medium severity Exploitability Metrics Attack Vector Local Attack Complexity Low Privileges Required High User Interaction None Scope Metric Scope Changed Impact Metrics Confidentiality High Integrity Low Availability None https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N

AB made changes - 30/Dec/2021 4:49 AM

Description

Original: Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in {component}.

((Use the `; versions` script here to list the fixed and affected versions))

New: Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa.

The affected versions are before version 4.21.0.

*Affected versions:*

* version < 4.21.0

*Fixed versions:*

* 4.21.0

AB made changes - 30/Dec/2021 4:49 AM

Description

Original:
Affected versions of Atlassian Jira Service Management Server allow remote attackers
to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in {component}.

New: Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in {component}.

((Use the `; versions` script here to list the fixed and affected versions))

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 22/Dec/2021 3:05 AM

Updated:: 04/Apr/2022 9:12 AM

Resolved:: 24/Feb/2022 4:39 AM

Details

Description

Attachments

Forms

Activity

[JSDSERVER-10980] Stored XSS in "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa - CVE-2021-43943

Collapse comment: Neli Steinlein added a comment - 04/Apr/2022 9:12 AM

Expand comment: Neli Steinlein added a comment - 04/Apr/2022 9:12 AM

Collapse comment: Neli Steinlein added a comment - 10/Mar/2022 1:13 PM

Expand comment: Neli Steinlein added a comment - 10/Mar/2022 1:13 PM

Collapse comment: Michael Aglas added a comment - 25/Feb/2022 7:36 AM

Expand comment: Michael Aglas added a comment - 25/Feb/2022 7:36 AM

Collapse comment: AB added a comment - 30/Dec/2021 4:51 AM, Edited by Security Metrics Bot - 02/Jan/2022 8:28 PM

Expand comment: AB added a comment - 30/Dec/2021 4:51 AM, Edited by Security Metrics Bot - 02/Jan/2022 8:28 PM

People

Dates

Backbone Issue Sync