6.1
CVSSv3

CVE-2021-41304

Published: 26/10/2021 Updated: 21/11/2024

Vulnerability Summary

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before version 8.13.12, and from version 8.14.0 prior to 8.20.2.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

atlassian data center

atlassian jira

atlassian jira data center

atlassian jira server

Github Repositories

Jira Exploits

JiraExploits Available Exploits CVE-2021-41304: Reflected XSS