XSS in the wikirenderer component - CVE-2019-8444

2019-08-09T03:30:06
ID ATLASSIAN:JRASERVER-69779
Type atlassian
Reporter security-metrics-bot
Modified 2020-05-22T08:27:21

Description

The wikirenderer component in Jira before version 7.13.6, and from version 8.0.0 before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in image attribute specification.