Lucene search
Security-metrics-botATLASSIAN:JRASERVER-67076HistoryApr 05, 2018 - 4:08 a.m.
XSS in the Trello board importer resource - CVE-2017-18097
2018-04-0504:08:04
security-metrics-bot
jira.atlassian.com
525
0.001 Low
EPSS
Percentile
28.8%
The Trello board importer resource in Atlassian Jira before version 7.6.1 and before version 7.7.0 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jira server and data center | lt | 7.6.1 | |
| jira server and data center | le | 7.5.0 | |
| jira server and data center | lt | 7.7.0 |
Related
cve
cve
CVE-2017-18097
2018-04-06 13:29:00
nvd
nvd
CVE-2017-18097
2018-04-06 13:29:00
prion
prion
Cross site scripting
2018-04-06 13:29:00
atlassian
atlassian
XSS in the Trello board importer resource - CVE-2017-18097
2018-04-05 04:08:04
cvelist
cvelist
CVE-2017-18097
2018-04-06 00:00:00
nessus
nessus
Atlassian JIRA < 7.6.1 Multiple Vulnerabilities
2019-03-05 00:00:00