Lucene search
AtlassianCVELIST:CVE-2018-13403HistoryFeb 13, 2019 - 6:00 p.m.
CVE-2018-13403
2019-02-1318:00:00
atlassian
www.cve.org
8
EPSS
0.001
Percentile
29.2%
The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a saved filter when displayed on a Jira dashboard.
CNA Affected
[
{
"product": "Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.6.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.7.0",
"versionType": "custom"
},
{
"lessThan": "7.12.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2018-13403
2019-02-13 18:29:00
prion
prion
Cross site scripting
2019-02-13 18:29:00
atlassian
atlassian
nessus
nessus
Atlassian JIRA Cross-Site Scripting (XSS) Vulnerability (JRASERVER-68526)
2019-05-10 00:00:00
Atlassian Jira < 7.6.10 Multiple Vulnerabilities
2023-03-14 00:00:00
Atlassian Jira 7.13.0 < 7.13.1 Multiple Vulnerabilities
2023-03-14 00:00:00
nvd
nvd
CVE-2018-13403
2019-02-13 18:29:00