Cross site scripting

2019-08-0920:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

31.4%

JSON

The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.

CPENameOperatorVersion
jirage7.0.0
jiralt7.13.1

CPE	Name	Operator	Version
	jira	ge	7.0.0
	jira	lt	7.13.1

References

jira.atlassian.com/browse/JRASERVER-69237

0.001 Low

EPSS

Percentile

31.4%

JSON

Related for PRION:CVE-2018-20827