4 matches found
Atlassian JIRA Cross-Site Request Forgery Vulnerability (CNVD-2018-03164)
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. A cross-site request forgery vulnerability exists in the IncomingMailServers resource in Atlassian Jira versions prior to 7.6.2....
XSS in Mail Whitelist Field
Jira Admins can create a persistant XSS on the Incoming Mail configuration page. When the value code "alert1 code is inserted into the Witelisted Domain field on the page code /secure/admin/IncomingMailServers.jspa code The javascript persists and executes on page load. This was tested on Jira...
XSS in Mail Whitelist Field
panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61963. panel Jira Admins can create a persistant XSS on the Incoming Mail configuration page. When the value code "alert1 code is inserted in...
XSS in Mail Whitelist Field
panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61963. panel Jira Admins can create a persistant XSS on the Incoming Mail configuration page. When the value code "alert1 code is inserted in...