Lucene search
Security-metrics-botATLASSIAN:JRASERVER-67526HistoryJun 28, 2018 - 3:20 a.m.
XSS in IncomingMailServer resource - CVE-2018-13387
2018-06-2803:20:46
security-metrics-bot
jira.atlassian.com
519
EPSS
0.001
Percentile
40.6%
The IncomingMailServers resource in Atlassian JIRA Server before version 7.6.7, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3 and from version 7.10.0 before version 7.10.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter as the fix for CVE-2017-18039 was incomplete.
Related
cvelist
cvelist
CVE-2018-13387
2018-07-16 13:00:00
CVE-2017-18039
2018-02-02 14:00:00
prion
prion
Cross site scripting
2018-07-16 13:29:00
Cross site scripting
2018-02-02 14:29:00
atlassian
atlassian
XSS in IncomingMailServer resource - CVE-2018-13387
2018-06-28 03:20:46
nvd
nvd
CVE-2018-13387
2018-07-16 13:29:00
CVE-2017-18039
2018-02-02 14:29:00
cve
cve
CVE-2018-13387
2018-07-16 13:29:00
CVE-2017-18039
2018-02-02 14:29:00
nessus
nessus