CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

The wikirenderer component in Jira before version 7.13.6, and from version 8.0.0 before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in image attribute specification.

**Details**

*   **Type: **![](https://jira.atlassian.com/secure/viewavatar?size=xsmall&avatarId=51493&avatarType=issuetype "Bug - A problem which impairs or prevents the functions of the product.") Bug
    

*   **Priority: **![](https://jira.atlassian.com/images/icons/priorities/high.svg "High - High priority issues") High
    
*   **Resolution:** Fixed
    
*   **Affects Version/s:** 7.7.0, 8.1.1
    

*   **Labels:**
    
    *   CVE-2019-8444
    *   advisory
    *   advisory-released
    *   cisco-talos
    *   cvss-medium
    *   raid
    *   security
    *   sxss
    *   xss
    

*   **Fixed in Long Term Support Release/s:**
    
*   **Introduced in Version:**
    
    7.07
    
*   **Symptom Severity:**
    
    Severity 2 - Major
    

**Description**

The wikirenderer component in Jira before version 7.13.6, and from version 8.0.0 before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in image attribute specification.

**Attachments**

**Activity**

**People**

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

**Dates**

Created:

09/Aug/2019 3:30 AM

Updated:

27/May/2021 9:13 AM

Resolved:

09/Aug/2019 3:30 AM

Headline

CVE-2019-8444: [JRASERVER-69779] XSS in the wikirenderer component - CVE-2019-8444

CVE: Latest News