Lucene search
AtlassianCVELIST:CVE-2020-36288HistoryApr 14, 2021 - 11:45 p.m.
CVE-2020-36288
2021-04-1423:45:17
atlassian
www.cve.org
3
jira server
jira data center
dom cross-site scripting
EPSS
0.001
Percentile
44.9%
The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attackers to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting (XSS) vulnerability caused by parameter pollution.
CNA Affected
[
{
"product": "Jira Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "8.5.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.13.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.14.0",
"versionType": "custom"
},
{
"lessThan": "8.15.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Jira Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "8.5.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.13.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.14.0",
"versionType": "custom"
},
{
"lessThan": "8.15.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2020-36288
2021-04-15 00:15:12
cve
cve
CVE-2020-36288
2021-04-15 00:15:12
prion
prion
Cross site scripting
2021-04-15 00:15:00
atlassian
atlassian
cnvd
cnvd
nessus
nessus
Atlassian Jira < 8.5.12 Multiple Vulnerabilities
2021-07-02 00:00:00
Atlassian Jira 8.6.x < 8.13.4 Multiple Vulnerabilities
2021-07-02 00:00:00
Atlassian Jira 8.14.x < 8.15.1 Multiple Vulnerabilities (1/2)
2021-07-06 00:00:00