The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attackers to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting (XSS) vulnerability caused by parameter pollution.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JRASERVER-72115 |
History
Thu, 17 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2021-04-14T23:45:17.871738Z
Updated: 2024-10-17T14:02:56.389Z
Reserved: 2021-03-31T00:00:00
Link: CVE-2020-36288
Vulnrichment
Updated: 2024-08-04T17:23:10.175Z
NVD
Status : Modified
Published: 2021-04-15T00:15:12.560
Modified: 2024-11-21T05:29:13.197
Link: CVE-2020-36288
Redhat
No data.