Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-36234: [JRASERVER-72059] Stored XSS via Custom Fields on Screens Modal - CVE-2020-36234

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.

CVE
Open in Source
#xss#vulnerability#java

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view.

The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.

Affected versions:

  • version < 8.5.11
  • 8.6.0 ≤ version < 8.13.3
  • 8.14.0 ≤ version < 8.15.0

Fixed versions:

  • 8.5.11
  • 8.13.3
  • 8.15.0

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE