CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

EditworkflowScheme.jspa in Jira Server and Jira Data Center before version 8.5.14, and from version 8.6.0 before version 8.13.6, and from 8.14.0 before 8.16.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.

Affected versions of Jira Server and Jira Data Center have a XSS vulnerability in the EditWorkflowScheme.jspa component which allows remote attackers to inject arbitrary HTML or JavaScript:

_**Affected versions:**_

*   version < 8.5.14
*   8.6.0 ≤ version <  8.13.6
*   8.14.0 ≤ version < 8.16.1

_**Fixed versions:**_

*   8.5.14
*   8.13.6
*   8.16.1

This vulnerability is attributed to Matteo Sebasta.

Headline

CVE-2021-26080: [JRASERVER-72432] XSS in Issue Type /editworkflowscheme.jspa - CVE 2021-26080

CVE: Latest News