3 matches found
CVE-2025-67824
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when t...
CVE-2025-67824
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when t...
CVE-2025-67824
The CVE-2025-67824 entry concerns WorklogPRO - Jira Timesheets for Jira Data Center. Affected versions (pre-4.24.2-jira9, -jira10, -jira11) are vulnerable to Cross-Site Scripting (XSS) via a crafted payload in the name of a filter. The vulnerability is triggered when a user attempts to create a t...