Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2021-39111
HistoryAug 30, 2021 - 6:30 a.m.

CVE-2021-39111

2021-08-3006:30:15
atlassian
www.cve.org
6
atlassian jira server
data center
cross-site scripting

EPSS

0.001

Percentile

45.4%

JSON

The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handling of supplied content such as from a PDF when pasted into a field such as the description field.

CNA Affected

[
  {
    "product": "Jira Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "8.5.18",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.6.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.13.10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.14.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.18.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Jira Data Center",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "8.5.18",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.6.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.13.10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.14.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.18.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

cve 1
prion 1
nvd 1
atlassian 2
nessus 3
cve
cve
CVE-2021-39111
2021-08-30 07:15:06
prion
prion
Cross site scripting
2021-08-30 07:15:00
nvd
nvd
CVE-2021-39111
2021-08-30 07:15:06
atlassian
atlassian
Self-xss via copying content from a PDF - CVE-2021-39111
2021-08-18 01:00:26
Self-xss via copying content from a PDF - CVE-2021-39111
2021-08-18 01:00:26
nessus
nessus
Atlassian Jira 8.14.x < 8.18.2 Multiple Vulnerabilities
2021-09-10 00:00:00
Atlassian Jira < 8.5.18 Multiple Vulnerabilities
2021-09-10 00:00:00
Atlassian Jira 8.6.x < 8.13.10 Multiple Vulnerabilities
2021-09-10 00:00:00

EPSS

0.001

Percentile

45.4%

JSON
Related for CVELIST:CVE-2021-39111
cve1prion1nvd1atlassian2nessus3