EditworkflowScheme.jspa in Jira Server and Jira Data Center before version 8.5.14, and from version 8.6.0 before version 8.13.6, and from 8.14.0 before 8.16.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JRASERVER-72432 |
History
Thu, 17 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2021-06-07T22:25:11.650750Z
Updated: 2024-10-17T14:28:50.794Z
Reserved: 2021-01-25T00:00:00
Link: CVE-2021-26080
Vulnrichment
Updated: 2024-08-03T20:19:19.475Z
NVD
Status : Modified
Published: 2021-06-07T23:15:08.127
Modified: 2024-11-21T05:55:49.907
Link: CVE-2021-26080
Redhat
No data.