The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 up to and including 2.17.1, User Management for Confluence 2.0.0 up to and including 2.15.24, and User Management for Bitbucket 2.2.2 up to and including 2.15.24.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
techtime user management |