2 matches found
CVE-2022-36801
CVE-2022-36801 affects Atlassian Jira Server and Data Center prior to 8.20.8. The issue is a Reflected XSS in the TeamManagement.jspa endpoint that allows anonymous remote attackers to inject arbitrary HTML or JavaScript. Several sources corroborate the affected version range and the vulnerabilit...
Reflected XSS on /secure/TeamManagement.jspa via "planUrl" parameter - CVE-2022-36801
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting RXSS vulnerability in the TeamManagement.jspa endpoint. The affected versions are before version 8.20.8. Affected versions:...