3 matches found
CVE-2018-13395
CVE-2018-13395 is an XSS vulnerability in Atlassian Jira where an attacker can inject arbitrary HTML/JavaScript via the epicColour field while an issue is moved. Affected Jira Server/Jira Core versions include pre-7.6.8 and several 7.7/7.8/7.9/7.10/7.11 branches (e.g., 7.7.x before 7.7.5, 7.8.x b...
XSS in various resources when moving issues through the Epic Colour field of an issue - CVE-2018-13395
Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML ...
XSS in various resources when moving issues through the Epic Colour field of an issue - CVE-2018-13395
Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML ...