Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-26082: [JRASERVER-72393] Stored XSS on Jira Issue XML Export - CVE-2021-26082

The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.

CVE
Open in Source
#xss#vulnerability#java

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in XML Export.

The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0.

*Affected versions:*

  • version < 8.5.14
  • 8.6.0 ≤ version < 8.13.6
  • 8.14.0 ≤ version < 8.17.0

*Fixed versions:*

  • 8.5.14
  • 8.13.6
  • 8.17.0

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE