The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. The affected versions are before version 8.5.4, from version 8.6.0 prior to 8.6.2, and from version 8.7.0 prior to 8.7.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira |
||
atlassian jira server |
||
atlassian jira software data center |
||
atlassian jira data center |