Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-06T01:22:20.959Z

Reserved: 2016-07-22T00:00:00

Link: CVE-2016-6285

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2017-01-31T22:59:00.330

Modified: 2025-04-20T01:37:25.860

Link: CVE-2016-6285

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.