4 matches found
Atlassian Jira < 8.5.5 / 8.6.x < 8.8.2 / 8.9.x < 8.9.1 Multiple Cross-Site Scripting (XSS)
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.5, or version 8.6.x prior to 8.8.2, 8.9.x prior to 8.9.1. It is, therefore, affected by a multiple Cross-Site scripting XSS vulnerabilities. - Remote attackers can inject...
CVE-2020-4025
CVE-2020-4025 concerns Atlassian Jira Server/Data Center where the “attachment download” resource allows remote attackers to inject arbitrary HTML or JavaScript via a rdf attachments content type. The vulnerability affects Jira versions: before 8.5.5, then 8.6.0 before 8.8.2, and 8.9.0 before 8.9...
XSS in Issue - Attachments - CVE-2020-4025
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability issue attachments with a rdf content type. Affected versions: version 8.5.5 8.6.0 ≤ version 8.8.2 8.9.0 ≤ version 8.9.1 Fixed...
XSS in Issue - Attachments - CVE-2020-4025
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability issue attachments with a rdf content type. Affected versions: version 8.5.5 8.6.0 ≤ version 8.8.2 8.9.0 ≤ version 8.9.1 Fixed...