Lucene search
AtlassianCVELIST:CVE-2019-8450HistorySep 11, 2019 - 1:56 p.m.
CVE-2019-8450
2019-09-1113:56:26
atlassian
www.cve.org
4
EPSS
0.001
Percentile
29.2%
Various templates of the Optimization plugin in Jira before version 7.13.6, and from version 8.0.0 before version 8.4.0 allow remote attackers who have permission to manage custom fields to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a custom field.
CNA Affected
[
{
"product": "Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
},
{
"lessThan": "8.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
XSS in various templates of the Optimization plugin - CVE-2019-8450
2019-08-12 02:47:13
XSS in various templates of the Optimization plugin - CVE-2019-8450
2019-08-12 02:47:13
prion
prion
Cross site scripting
2019-09-11 14:15:00
cve
cve
CVE-2019-8450
2019-09-11 14:15:12
nvd
nvd
CVE-2019-8450
2019-09-11 14:15:12
nessus
nessus
Atlassian JIRA < 7.13.6 / 8.x < 8.4.0 XSS (JRASERVER-69795)
2020-01-09 00:00:00