Lucene search
AtlassianCVELIST:CVE-2019-3402HistoryMay 22, 2019 - 5:38 p.m.
CVE-2019-3402
2019-05-2217:38:01
atlassian
www.cve.org
6
EPSS
0.002
Percentile
62.0%
The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter.
CNA Affected
[
{
"product": "Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.13.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
},
{
"lessThan": "8.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2019-05-22 18:29:00
nvd
nvd
CVE-2019-3402
2019-05-22 18:29:00
symantec
symantec
Atlassian JIRA CVE-2019-3402 Cross Site Scripting Vulnerability
2019-04-29 00:00:00
nessus
nessus
Atlassian Jira 7.13.x < 7.13.4 Multiple Vulnerabilities
2023-03-14 00:00:00
Atlassian Jira 8.0.0 < 8.1.1 Multiple Vulnerabilities
2023-03-14 00:00:00
atlassian
atlassian
XSS in the ConfigurePortalPages.jspa resource - CVE-2019-3402
2019-04-29 03:59:50
XSS in the ConfigurePortalPages.jspa resource - CVE-2019-3402
2019-04-29 03:59:50
nuclei
nuclei
Jira < 8.1.1 - Cross-Site Scripting
2020-11-06 10:28:11
cve
cve
CVE-2019-3402
2019-05-22 18:29:00