3 matches found
Atlassian JIRA < 7.8.1 Cross-Site Scripting (XSS) Vulnerability (JRASERVER-67106)
According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is prior to 7.8.1. It is, therefore, potentially affected by a cross-site scripting vulnerability in the name of quick filters. Note that Nessus has not tested for this issue but has inste...
CVE-2017-18100
CVE-2017-18100 affects Atlassian Jira’s agile wallboard gadget. The vulnerability allows cross-site scripting via the name of quick filters in Jira versions before 7.8.1, enabling remote injection of arbitrary HTML or JavaScript. Affected component: the agile wallboard gadget; root cause: XSS in ...
XSS in the agile wallboard gadget through quick filter names - CVE-2017-18100
The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the name of quick filters. h3. Workaround Disable the gadget. - Navigate to Administration Add-ons Manage add-ons and se...