3 matches found
Atlassian JIRA < 7.5.3 Cross-Site Scripting
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is potentially affected by a cross-site scripting vulnerability in the PieChart Gadget. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially...
CVE-2017-16863
Atlassian Jira (before version 7.5.3) is affected via the PieChart gadget, where an XSS vulnerability exists in the Gadget name handling. Root cause: cross-site scripting in rendering the PieChart name allows an unauthenticated, remote attacker to inject arbitrary HTML/JavaScript. Impact per sour...
XSS through a project or filter name in the PieChart gadget - CVE-2017-16863
The PieChart gadget in Atlassian Jira before version 7.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the name of a project or filter...