7 matches found
Jira < 8.1.1 - Cross-Site Scripting
Jira before 8.1.1 contains a cross-site scripting vulnerability via ConfigurePortalPages.jspa resource in the searchOwnerUserName parameter. id: CVE-2019-3402 info: name: Jira 8.1.1 - Cross-Site Scripting author: pdteam severity: medium description: | Jira before 8.1.1 contains a cross-site...
Atlassian Jira 8.0.0 < 8.1.1 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.4 or 8.0.0 prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers to inject arbitrary HTM...
Atlassian Jira 7.13.x < 7.13.4 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.4 or 8.0.0 prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers to inject arbitrary HTM...
CVE-2019-3402
creationtimestamp| type| source ---|---|--- 2019-05-22 18:48:14+00:00| seen| https://t.me/cvemitreorg/138 2024-03-18 07:23:33+00:00| published-proof-of-concept| https://t.me/lostsec/164 2024-10-09 19:49:41+00:00| seen| https://t.me/CyberSecurityTechnologies/2581 2025-04-13 12:04:46+00:00| seen|...
CVE-2019-3402
The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the searchOwnerUserName parameter...
CVE-2019-3402
Summary: Jira before 7.13.3 and from 8.0.0 before 8.1.1 is affected by a cross-site scripting (XSS) vulnerability in the ConfigurePortalPages.jspa resource, exploitable via the searchOwnerUserName parameter. The issue allows an unauthenticated remote attacker to inject arbitrary HTML/JavaScript i...
XSS in the ConfigurePortalPages.jspa resource - CVE-2019-3402
The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the searchOwnerUserName parameter...