5 matches found
Atlassian Jira < 8.20.3 / 8.21.0 XSS (JRASERVER-73069)
The version of Atlassian Jira installed on the remote host is prior to 8.20.3 / 8.21.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73069 advisory. - Stored XSS on /rest/jpo/1.0/hierarchyConfiguration via issueTypes parameter - CVE-2021-43945 CVE-2021-43945 Note...
CVE-2021-43945
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting SXSS vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are...
CVE-2021-43945
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting SXSS vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are...
CVE-2021-43945
Summary (CVE-2021-43945): Atlassian Jira Server/Data Center is affected by a Stored XSS in the /rest/jpo/1.0/hierarchyConfiguration endpoint. Remote attackers with Roadmaps Administrator permissions can inject arbitrary HTML/JavaScript through this SXSS. Affected versions are before 8.20.3; fixed...
Stored XSS on /rest/jpo/1.0/hierarchyConfiguration via issueTypes parameter - CVE-2021-43945
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting SXSS vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are...