The number range searcher component in Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before version 8.13.6, and from version 8.14.0 before version 8.16.1 allows remote attackers inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.
History

Thu, 17 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: atlassian

Published: 2021-06-07T22:25:11.009457Z

Updated: 2024-10-17T14:27:52.463Z

Reserved: 2021-01-25T00:00:00

Link: CVE-2021-26078

cve-icon Vulnrichment

Updated: 2024-08-03T20:19:19.491Z

cve-icon NVD

Status : Modified

Published: 2021-06-07T23:15:08.057

Modified: 2024-11-21T05:55:49.653

Link: CVE-2021-26078

cve-icon Redhat

No data.