According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.14, 8.6.x < 8.13.6 or 8.14.x < 8.16.1. It is, therefore, affected by multiple vulnerabilities:
A Cross-Site Scripting (XSS) vulnerability in the EditWorkflowScheme.jspa component. (CVE 2021-26080)
A Cross-Site Scripting (XSS) vulnerability in the number range searcher component. (CVE-2021-26078)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data