Lucene search
Security-metrics-botATLASSIAN:JRASERVER-69237HistoryApr 29, 2019 - 3:08 a.m.
XSS in the activity stream gadget via the country parameter - CVE-2018-20827
2019-04-2903:08:41
security-metrics-bot
jira.atlassian.com
12
0.001 Low
EPSS
Percentile
31.4%
The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jira server and data center | le | 7.0.12 | |
| jira server and data center | lt | 8.0.0 | |
| jira server and data center | lt | 7.13.1 |
Related
cvelist
cvelist
CVE-2018-20827
2019-08-09 00:00:00
cve
cve
CVE-2018-20827
2019-08-09 20:15:10
nessus
nessus
prion
prion
Cross site scripting
2019-08-09 20:15:00
nvd
nvd
CVE-2018-20827
2019-08-09 20:15:10
atlassian
atlassian
XSS in the activity stream gadget via the country parameter - CVE-2018-20827
2019-04-29 03:08:41