Lucene search
China National Vulnerability DatabaseCNVD-2022-71407HistoryFeb 28, 2022 - 12:00 a.m.
Atlassian Jira Service Management Server and Data Cente Cross-Site Scripting Vulnerability
2022-02-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
22.8%
Atlassian Jira is a defect tracking management system from Atlassian Australia. A cross-site scripting vulnerability exists in Atlassian Jira Service Management Server and Data Center versions prior to 4.21.0, which originates in /secure/admin/ The “Object Schema” field of InsightDefaultCustomFieldConfig lacks a data validation filter for user-supplied data and output. An attacker could use this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| atlassian jira service management server and data cente | lt | 4.21.0 |
Related
cvelist
cvelist
CVE-2021-43943
2021-12-30 00:00:00
nvd
nvd
CVE-2021-43943
2022-02-24 05:15:09
cve
cve
CVE-2021-43943
2022-02-24 05:15:09
prion
prion
Cross site scripting
2022-02-24 05:15:00
atlassian
atlassian
nessus
nessus
Atlassian Jira Service Management < 4.21.0 Multiple Vulnerabilities
2023-05-03 00:00:00