4.3
CVSSv2

CVE-2019-3400

Published: 03/05/2019 Updated: 07/05/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter.

Vulnerability Trend