Lucene search
AtlassianCVELIST:CVE-2018-5232HistoryJul 18, 2018 - 2:00 p.m.
CVE-2018-5232
2018-07-1814:00:00
atlassian
www.cve.org
6
EPSS
0.001
Percentile
45.2%
The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuetype parameter.
CNA Affected
[
{
"product": "Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.6.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.7.0",
"versionType": "custom"
},
{
"lessThan": "7.10.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
XSS in EditIssue.jspa through the issuetype parameter - CVE-2018-5232
2018-06-06 00:35:58
XSS in EditIssue.jspa through the issuetype parameter - CVE-2018-5232
2018-06-06 00:35:58
nessus
nessus
Atlassian JIRA < 7.6.7 / 7.7.x < 7.10.1 Cross-Site Scripting
2019-03-05 00:00:00
prion
prion
Cross site scripting
2018-07-18 14:29:00
cve
cve
CVE-2018-5232
2018-07-18 14:29:00
nvd
nvd
CVE-2018-5232
2018-07-18 14:29:00