Lucene search
K

4 matches found

CNVD
CNVD
added 2018/01/16 12:0 a.m.4 views

Atlassian JIRA Cross-Site Request Forgery Vulnerability (CNVD-2018-03164)

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. A cross-site request forgery vulnerability exists in the IncomingMailServers resource in Atlassian Jira versions prior to 7.6.2....

4.3CVSS7AI score0.00644EPSS
Exploits0References1
Atlassian
Atlassian
added 2016/07/19 7:11 p.m.18 views

XSS in Mail Whitelist Field

Jira Admins can create a persistant XSS on the Incoming Mail configuration page. When the value code "alert1 code is inserted into the Witelisted Domain field on the page code /secure/admin/IncomingMailServers.jspa code The javascript persists and executes on page load. This was tested on Jira...

2.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/07/19 7:11 p.m.27 views

XSS in Mail Whitelist Field

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61963. panel Jira Admins can create a persistant XSS on the Incoming Mail configuration page. When the value code "alert1 code is inserted in...

2.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/07/19 7:11 p.m.22 views

XSS in Mail Whitelist Field

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61963. panel Jira Admins can create a persistant XSS on the Incoming Mail configuration page. When the value code "alert1 code is inserted in...

2.1AI score
Exploits0
Rows per page
Query Builder