Lucene search
AtlassianCVELIST:CVE-2020-14166HistoryJul 01, 2020 - 12:00 a.m.
CVE-2020-14166
2020-07-0100:00:00
atlassian
www.cve.org
0.002 Low
EPSS
Percentile
55.0%
The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by uploading a html file.
CNA Affected
[
{
"product": "Jira Service Desk Server and Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "4.10.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2020-07-01 02:15:00
packetstorm
packetstorm
Atlassian Jira Service Desk 4.9.1 Cross Site Scripting
2021-04-07 00:00:00
atlassian
atlassian
XSS in API and Integrations - CVE-2020-14166
2020-06-18 02:45:39
XSS in API and Integrations - CVE-2020-14166
2020-06-18 02:45:39
cve
cve
CVE-2020-14166
2020-07-01 02:15:11
nvd
nvd
CVE-2020-14166
2020-07-01 02:15:11
zdt
zdt
exploitdb
exploitdb
Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS
2021-04-07 00:00:00