The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote malicious users to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by pasting javascript code into the editor field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira |
||
atlassian jira software data center |