Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2020/07/22 12:0 a.m.61 views

Atlassian Jira < 8.5.5 / 8.6.x < 8.8.2 / 8.9.x < 8.9.1 Multiple Cross-Site Scripting (XSS)

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.5, or version 8.6.x prior to 8.8.2, 8.9.x prior to 8.9.1. It is, therefore, affected by a multiple Cross-Site scripting XSS vulnerabilities. - Remote attackers can inject...

6.1CVSS5.7AI score0.01135EPSS
Exploits0References6
CVE
CVE
added 2020/07/01 1:35 a.m.101 views

CVE-2020-4025

CVE-2020-4025 concerns Atlassian Jira Server/Data Center where the “attachment download” resource allows remote attackers to inject arbitrary HTML or JavaScript via a rdf attachments content type. The vulnerability affects Jira versions: before 8.5.5, then 8.6.0 before 8.8.2, and 8.9.0 before 8.9...

4.8CVSS5AI score0.00918EPSS
Exploits0References1Affected Software4
Atlassian
Atlassian
added 2020/05/29 5:19 a.m.68 views

XSS in Issue - Attachments - CVE-2020-4025

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability issue attachments with a rdf content type. Affected versions: version 8.5.5 8.6.0 ≤ version 8.8.2 8.9.0 ≤ version 8.9.1 Fixed...

4.8CVSS5.1AI score0.00918EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2020/05/29 5:19 a.m.37 views

XSS in Issue - Attachments - CVE-2020-4025

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability issue attachments with a rdf content type. Affected versions: version 8.5.5 8.6.0 ≤ version 8.8.2 8.9.0 ≤ version 8.9.1 Fixed...

4.8CVSS5.1AI score0.00918EPSS
Exploits0
Rows per page
Query Builder