18 matches found
CVE-2025-57681
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability. The vulnerability is exploited via a specially crafted paylo...
CVE-2025-57681
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability. The vulnerability is exploited via a specially crafted paylo...
CVE-2025-57681
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability. The vulnerability is exploited via a specially crafted paylo...
CVE-2025-67824
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when t...
PT-2026-3781
Name of the Vulnerable Software and Affected Versions WorklogPRO - Timesheets for Jira versions prior to 4.23.6-jira10 WorklogPRO - Timesheets for Jira versions prior to 4.23.5-jira9 Description The WorklogPRO - Timesheets for Jira plugin contains a flaw that allows the injection of arbitrary HTM...
CVE-2025-57681
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability. The vulnerability is exploited via a specially crafted paylo...
CVE-2025-57681
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability. The vulnerability is exploited via a specially crafted paylo...
Atlassian WorklogPRO – Jira Timesheets security vulnerabilities
Atlassian WorklogPRO - Timesheets for Jira is a time management plugin developed by the Australian company Atlassian. Vulnerabilities existed in versions of Atlassian WorklogPRO - Timesheets for Jira prior to 4.23.6-jira10 and 4.23.5-jira9. These vulnerabilities were due to the ability for users...
CVE-2025-57681
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability. The vulnerability is exploited via a specially crafted paylo...
EUVD-2026-3658
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-jira9 allows users and attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability. The vulnerability is exploited via a specially crafted paylo...
CVE-2025-57681
The CVE-2025-57681 entry covers a Cross-Site Scripting (XSS) vulnerability in the WorklogPRO - Timesheets for Jira plugin for Jira Data Center. Concrete details from connected sources show: affected software and versions (WorklogPRO - Timesheets for Jira ≤ before 4.23.6-jira10 and ≤ before 4.23.5...
CVE-2025-67824
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when t...
CVE-2025-67824
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when t...
Starware WorklogPRO – Jira Timesheets security vulnerabilities
The Starware WorklogPRO – Jira Timesheets is a time tracking plugin developed by The Starware company in Turkey. Versions of The Starware WorklogPRO – Jira Timesheets prior to 4.24.1-jira9, 4.24.1-jira10, and 4.24.1-jira11 contained security vulnerabilities. These vulnerabilities were caused by...
PT-2026-3630
Name of the Vulnerable Software and Affected Versions WorklogPRO - Jira Timesheets plugin versions prior to 4.24.1-jira9 WorklogPRO - Jira Timesheets plugin versions prior to 4.24.1-jira10 WorklogPRO - Jira Timesheets plugin versions prior to 4.24.1-jira11 Description The WorklogPRO - Jira...
CVE-2025-67824
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when t...
CVE-2025-67824
The CVE-2025-67824 entry concerns WorklogPRO - Jira Timesheets for Jira Data Center. Affected versions (pre-4.24.2-jira9, -jira10, -jira11) are vulnerable to Cross-Site Scripting (XSS) via a crafted payload in the name of a filter. The vulnerability is triggered when a user attempts to create a t...
CVE-2025-67824
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when t...