4 matches found
Atlassian JIRA Multiple Vulnerabilities (JRASERVER-69245) (JRASERVER-69246)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.13.2 or 8.0.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability exists in Jira's BrowserProjects.jspa...
CVE-2019-3400
The CVE-2019-3400 issue affects Atlassian Jira: the labels gadget is vulnerable to cross-site scripting via the jql parameter. Affected versions are Jira before 7.13.2 and 8.0.x before 8.0.2. This allows remote attackers to inject arbitrary HTML/JavaScript, as described in multiple sources. Root ...
XSS in the labels gadget - CVE-2019-3400
The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the jql parameter...
XSS in the labels gadget - CVE-2019-3400
The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the jql parameter...