0.061 Low
EPSS
Percentile
93.5%
Affected versions of Bitbucket Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.
A jquery patch has been applied for Bitbucket versions >= 7.10.0.
CPE | Name | Operator | Version |
---|---|---|---|
bitbucket data center | le | 7.9.0 | |
bitbucket data center | lt | 7.10.0 |
0.061 Low
EPSS
Percentile
93.5%